CVE-2026-56242 Capgo - Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC

Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...

RHEL 6 : python-keystoneclient (RHSA-2013:0944)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0944 advisory. Python-keystoneclient is the client library and command line utility for interacting with the OpenStack identity API. A flaw in Keystone allowed an...

PT-2025-3103 · Unknown +1 · Vaultwarden +1

Name of the Vulnerable Software and Affected Versions: Vaultwarden versions prior to 1.32.5 Description: An issue in the component src/api/identity.rs of Vaultwarden allows attackers to impersonate users, including Administrators, via a crafted authorization request. This issue enables attackers ...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=4.11.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=4.11.0) +1 more potentially affected by CVE-2018-1192 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=4.5.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.30.0 Source cves: CVE-2018-1192 Source advisory: OSV:GHSA-XG5V-696H-C3VR...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=4.8.0 <=4.8.2), org.cloudfoundry.identity:cloudfoundry-identity-app (>=4.8.0 <=4.8.2) +1 more potentially affected by CVE-2018-1192 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=4.8.0 <=4.8.2)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =4.8.0, =4.8.0, =4.8.0, =4.8.0, =4.8.2 Source cves: CVE-2018-1192 Source advisory: OSV:GHSA-XG5V-696H-C3VR...

org.cloudfoundry.identity:cloudfoundry-identity-api (=3.4.0), org.cloudfoundry.identity:cloudfoundry-identity-app (=3.4.0) +1 more potentially affected by CVE-2016-5016 via org.cloudfoundry.identity:cloudfoundry-identity-server (=3.4.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.cloudfoundry.identity:cloudfoundry-identity-server and may be impacted: - org.cloudfoundry.identity:cloudfoundry-identity-ap...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=3.20.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=3.20.0) +1 more potentially affected by CVE-2016-5016 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=3.3.0.2)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.20.0 Source cves: CVE-2016-5016 Source advisory: OSV:GHSA-RC2R-W8JV-VGGP...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=3.20.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=3.20.0) +1 more potentially affected by CVE-2018-1190 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=3.20.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.20.0 Source cves: CVE-2018-1190 Source advisory: OSV:GHSA-J97Q-9XP9-G5FX...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=4.6.0 <=4.7.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=4.6.0 <=4.7.0) +1 more potentially affected by CVE-2017-8031 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=4.6.0 <=4.7.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =4.6.0, =4.6.0, =4.6.0, =4.6.0, =4.7.0 Source cves: CVE-2017-8031 Source advisory: OSV:GHSA-J4P3-2M2H-CV5F...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.7.0 <=3.9.1), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.7.0 <=3.9.1) +1 more potentially affected by CVE-2017-8032 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.7.0 <=3.9.1)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.7.0, =3.7.0, =3.7.0, =3.7.0, =3.9.1 Source cves: CVE-2017-8032 Source advisory: OSV:GHSA-9FRW-WMVQ-5RRC...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=3.20.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=3.20.0) +1 more potentially affected by CVE-2016-6637 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=3.3.0.4)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.20.0 Source cves: CVE-2016-6637 Source advisory: OSV:GHSA-4M8C-H7FR-GQ5C...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.5.0 <=3.6.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.5.0 <=3.6.0) +1 more potentially affected by CVE-2016-6637 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.5.0 <=3.6.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.5.0, =3.5.0, =3.5.0, =3.5.0, =3.6.0 Source cves: CVE-2016-6637 Source advisory: OSV:GHSA-4M8C-H7FR-GQ5C...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=3.20.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=3.20.0) +1 more potentially affected by CVE-2017-8032 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=3.6.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.20.0 Source cves: CVE-2017-8032 Source advisory: OSV:GHSA-9FRW-WMVQ-5RRC...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.4.0 <=3.4.3), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.4.0 <=3.4.3) +1 more potentially affected by CVE-2016-6637 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.4.0 <=3.4.3)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.4.3 Source cves: CVE-2016-6637 Source advisory: OSV:GHSA-4M8C-H7FR-GQ5C...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=4.1.0 <=4.11.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=4.1.0 <=4.11.0) +1 more potentially affected by CVE-2017-8032 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=4.10.0 <=4.3.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =4.10.0, =4.1.0, =4.1.0, =3.3.0.6, =4.30.0 Source cves: CVE-2017-8032 Source advisory: OSV:GHSA-9FRW-WMVQ-5RRC...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=3.20.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=3.20.0) +1 more potentially affected by CVE-2017-4991 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=3.6.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.20.0 Source cves: CVE-2017-4991 Source advisory: OSV:GHSA-CGRG-X34R-78F3...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.10.0 <=3.15.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.10.0 <=3.15.0) +1 more potentially affected by CVE-2017-4974 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.10.0 <=3.15.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.10.0, =3.10.0, =3.10.0, =3.10.0, =3.15.0 Source cves: CVE-2017-4974 Source advisory: OSV:GHSA-CW9C-V3V2-99HM...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.10.0 <=3.16.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.10.0 <=3.16.0) +1 more potentially affected by CVE-2017-4991 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.10.0 <=3.16.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.10.0, =3.10.0, =3.10.0, =3.10.0, =3.16.0 Source cves: CVE-2017-4991 Source advisory: OSV:GHSA-CGRG-X34R-78F3...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=3.20.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=3.20.0) +1 more potentially affected by CVE-2017-4992 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=3.6.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.20.0 Source cves: CVE-2017-4992 Source advisory: OSV:GHSA-JCMH-X32V-7MGF...

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.10.0 <=3.13.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.10.0 <=3.13.0) +1 more potentially affected by CVE-2017-4973 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.10.0 <=3.13.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.10.0, =3.10.0, =3.10.0, =3.10.0, =3.13.0 Source cves: CVE-2017-4973 Source advisory: OSV:GHSA-PGJC-GC7G-P2C6...