RHSA-2026:1958 Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (openstack-keystone) security update
openstack-keystone: OpenStack Keystone: Unauthorized access and privilege escalation via AWS signature validation flaw
A flaw was found in OpenStack Keystone. This vulnerability allows an attacker to obtain a valid OpenStack Keystone token, leading to access to unauthorized resources or privilege escalation within the OpenStack instance, by sending a valid AWS (Amazon Web Services) signature to the /v3/ec2tokens ...
Important: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (openstack-keystone) security update
An update for openstack-keystone is now available for Red Hat OpenStack Services on OpenShift 18.0 (Antelope). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
RHEL 9 : Red Hat OpenStack Services on OpenShift 18.0 (openstack-keystone) (RHSA-2026:1958)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1958 advisory. Keystone is a Python implementation of the OpenStack (http://www.openstack.org) identity service API. Security Fixes: OpenStack Keystone: Unauthorized...
Ubuntu 24.04 LTS / 25.10 : Keystone Middleware vulnerability (USN-8008-1)
The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by a vulnerability as referenced in the USN-8008-1 advisory. Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could...
USN-8008-1: Keystone Middleware vulnerability
Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could possibly use this issue to escalate privileges or impersonate other users...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47756)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47756 advisory. - In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expressi...
OpenStack Keystone Middleware security vulnerabilities
OpenStack Keystone Middleware is a core certification component of the OpenStack open-source project. Vulnerabilities exist in versions prior to 10.7.2, 10.9.1, and 10.12.1 of OpenStack Keystone Middleware. These vulnerabilities stem from uncleaned authentication headers, which may lead to...
ROS-20260112-7371
A vulnerability in the ks_pcie_setup_rc_app_regs() function of the drivers/pci/controller/dwc/pci-keystone.c module of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2022-0087
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992856)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992856 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in ks_pcie_quirk(). This code accidentally uses && where ||...
Authentication Bypass
OpenStack Keystone is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of AWS Signature-based requests in token endpoints, which allows an attacker to gain unauthorized Keystone access using crafted requests...
Ubuntu: Security Advisory (USN-7926-1)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
Ubuntu 22.04 LTS : OpenStack Keystone vulnerabilities (USN-7926-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7926-1 advisory. Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens and s3tokens APIs. A remote attacker could possibly use this issue to obtain...
USN-7926-1: OpenStack Keystone vulnerabilities
Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens and s3tokens APIs. A remote attacker could possibly use this issue to obtain unauthorized access and escalate privileges. CVE-2025-65073 It was discovered that OpenStack Keystone only validated the first 72 bytes of an...
CVE-2025-65073
A flaw was found in OpenStack Keystone. This vulnerability allows an attacker to obtain a valid OpenStack Keystone token, leading to access to unauthorized resources or privilege escalation within the OpenStack instance, by sending a valid AWS (Amazon Web Services) signature to the /v3/ec2tokens ...
Siemens SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-47756)
PCI: keystone: Fix if-statement expression in ks_pcie_quirk(). This code accidentally uses && where || was intended. It potentially results in a NULL dereference. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Linux Distros Unpatched Vulnerability : CVE-2025-65073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2025-65073 via keystone (>=15.0.1 <=18.0.0)
keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2025-65073 Source advisory: OSV:GHSA-HCQG-5G63-7J9H...
GHSA-HCQG-5G63-7J9H OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...