org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=3.20.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=3.20.0) +1 more potentially affected by CVE-2017-4960 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=3.9.1)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.20.0 Source cves: CVE-2017-4960 Source advisory: OSV:GHSA-HXGW-7539-PV7R...

com.alexbt:springboot-autoconfigure-openid-oauth (=1.0.9), com.appdirect:service-integration-sdk (>=1.24 <=v11.129.7) +11 more potentially affected by CVE-2019-11269 via org.springframework.security.oauth:spring-security-oauth (>=2.0.10.RELEASE <=2.0.17.RELEASE)

org.springframework.security.oauth:spring-security-oauth MAVEN version =2.0.10.RELEASE, =1.24, =1.4.3, =2.7.4.7, =2.7.4.7, =2.7.4.7, =3.3.0.4, =3.3.0.4, =2.7.4.7, =4.4.0 Source cves: CVE-2019-11269 Source advisory: OSV:GHSA-MMF6-6597-3V6M...

com.alexbt:springboot-autoconfigure-openid-oauth (=1.0.9), com.appdirect:service-integration-sdk (>=1.24 <=v11.129.7) +10 more potentially affected by CVE-2019-3778 via org.springframework.security.oauth:spring-security-oauth (>=2.0.10.RELEASE <=2.0.14.RELEASE)

org.springframework.security.oauth:spring-security-oauth MAVEN version =2.0.10.RELEASE, =1.24, =2.7.4.7, =2.7.4.7, =2.7.4.7, =3.3.0.4, =3.3.0.4, =2.7.4.7, =4.4.0 Source cves: CVE-2019-3778 Source advisory: OSV:GHSA-77RV-6VFW-X4GC...

Moderate: Red Hat Security Advisory: python-keystoneclient security update

Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

Moderate: Red Hat Security Advisory: python-keystoneclient and python-keystonemiddlware security update

Updated python-keystoneclient and python-keystonemiddleware packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common...

USN-2705-1: Keystone vulnerabilities

Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct machine-in-the-middle attacks via a crafted certificate. CVE-2014-7144 Brant Knudson...

Moderate: Red Hat Security Advisory: python-keystoneclient security update

Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

RHEL 6 : Storage Server (RHSA-2014:0409)

Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Storage 2.1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Moderate: Red Hat Security Advisory: python-keystoneclient security and bug fix update

Updated python-keystoneclient packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring...

CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

DEBIAN-CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

Important: Red Hat Security Advisory: python-keystoneclient security update

Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which give...

Important: Red Hat Security Advisory: python-keystoneclient security update

Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Storage 2.1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

[SECURITY] Fedora 19 Update: python-keystoneclient-0.2.3-7.fc19

Client library and command line utility for interacting with Openstack Identity API...

Important: Red Hat Security Advisory: python-keystoneclient security, bug fix, and enhancement update

Updated python-keystoneclient packages that fix two security issues, one bug, and add one enhancement are now available for Red Hat OpenStack 3.0 Grizzly Preview. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...