5 matches found
openstack-keystone: OpenStack Keystone: Unauthorized access and privilege escalation via AWS signature validation flaw
A flaw was found in OpenStack Keystone. This vulnerability allows an attacker to obtain a valid OpenStack's Keystone token, leading to access to unauthorized resources or privilege escalation within the OpenStack instance via sending a valid AWS Amazon Web Services signature to the /v3/ec2tokens ...
RHEL 9 : Red Hat OpenStack Services on OpenShift 18.0 (openstack-keystone) (RHSA-2026:1958)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1958 advisory. Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. Security Fixes: OpenStack Keystone: Unauthorized...
EUVD-2025-197772
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
[SECURITY] Fedora 41 Update: rust-reqsign-aws-v4-2.0.0-1.fc41
AWS SigV4 signing implementation for reqsign...
Virtuozzo Hybrid Infrastructure 6.1 Update 1 Hotfix 5 (6.1.1-49)
This update provides security and stability fixes. Vulnerability id: VSTOR-75009, VSTOR-76816 Stability fixes for the hypervisor. Vulnerability id: VSTOR-85653, VSTOR-87742 Stability fixes for the chunk service. Vulnerability id: VSTOR-88832 A security fix for networks. Vulnerability id:...