GHSA-8936-44GW-7664 TripleO Heat templates might allow remote attackers to obtain sensitive information from private containers

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

TripleO Heat templates might allow remote attackers to obtain sensitive information from private containers

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

PYSEC-2016-34

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

CVE-2015-5271

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

UBUNTU-CVE-2015-5271

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

CVE-2015-5271

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

Information disclosure

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

CVE-2015-5271

The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...

CVE-2015-5271

CVE-2015-5271 affects TripleO Heat templates: the swiftproxy pipeline does not properly order Keystone before Swift staticweb middleware when staticweb is enabled, potentially allowing remote attackers to obtain sensitive information from private containers via unspecified vectors. This is docume...

PT-2016-3678 · Openstack · Tripleo-Heat-Templates

Name of the Vulnerable Software and Affected Versions: tripleo-heat-templates affected versions not specified Description: The issue is related to the improper ordering of the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when...

openstack-tripleo-heat-templates: unsafe pipeline ordering of swift staticweb middleware

A flaw was discovered in the pipeline ordering of OpenStack Object Storage's staticweb middleware in the swiftproxy configuration generated from the openstack-tripleo-heat-templates package OpenStack director. The staticweb middleware was incorrectly configured before the Identity Service, and...