6 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-40683
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration...
Access of Resource Using Incompatible Type ('Type Confusion')
Overview: keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP, primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via the...
CVE-2026-40683
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when...
CVE-2026-40683
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when...
CVE-2023-25613
An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3...
PT-2023-20194 · Apache · Apache Derby
Name of the Vulnerable Software and Affected Versions: Apache Kerby versions prior to 2.0.3. Description: An LDAP Injection issue exists in the LdapIdentityBackend of Apache Kerby. This allows for potential exploitation. Recommendations: For versions prior to 2.0.3, update to version 2.0.3 or late...