Lucene search
K

4 matches found

NVD
NVD
added 2026/05/28 7:16 p.m.15 views

CVE-2026-44394

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federated user rescopes a token via POST /v3/auth/tokens, the handlescopedtoken function in the mapped...

8.1CVSS0.00249EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/28 12:0 a.m.30 views

CVE-2026-44394

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federated user rescopes a token via POST /v3/auth/tokens, the handlescopedtoken function in the mapped...

6CVSS0.00249EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.9 views

PT-2026-44466

Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions prior to 29.0.2 Description The federated token rescoping mechanism fails to propagate the original token's expiry to the newly issued token. When a federated user rescopes a token through the 'POST /v3/auth/tokens'...

8.1CVSS5.2AI score0.00249EPSS
Exploits1References16
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

OpenStack Keystone 安全漏洞

OpenStack Keystone is a core authentication component library of the OpenStack open-source project. Versions of OpenStack Keystone prior to 29.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the joint token revalidation mechanism, which did not propagate the expiration...

8.1CVSS5.8AI score0.00249EPSS
Exploits1References2
Rows per page
Query Builder