OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2025-65073 via keystone (>=15.0.1 <=18.0.0)

keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2025-65073 Source advisory: SNYK:PYTHON-KEYSTONE-14038400...

Access Control Bypass

Overview keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Access Control Bypass via the ec2tokens or s3tokens process when a reques...

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

EUVD-2025-197772

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

Keystone 安全漏洞

Keystone is a powerful CMS open source for OpenStack. used to help you build and scale faster than any other Cms or application framework. A security vulnerability exists in Keystone versions prior to 26.0.1, 27.0.0, and 28.0.0 that stems from allowing requests with valid AWS signatures to provid...

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

CVE-2025-65073

OpenStack Keystone prior to 26.0.1, 27.0.0, or 28.0.0 is vulnerable to requests to /v3/ec2tokens or /v3/s3tokens bearing a valid AWS Signature that can authorize access. The issue (CVE-2025-65073) enables unauthorized access and potential privilege escalation. CVSS v3.1 base score 7.5 (Network, h...

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

Debian: Security Advisory (DSA-6056-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 6056-1] keystone security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 13, 2025 https://www.debian.org/security/faq -...

Debian dsa-6056 : keystone - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6056 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/...

DSA-6056-1 keystone - security update

Bulletin has no description...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990871 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in kspciequirk This code accidentally uses && where ||...

Debian: Security Advisory (DLA-4367-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4367-1] keystone security update

Debian LTS Advisory DLA-4367-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara November 07, 2025 https://wiki.debian.org/LTS Package : keystone Version : 2:18.1.0-1+deb11u2 CVE ID : not yet available Debian Bug : 1120053 A vulnerability was found in...

[SECURITY] [DLA 4366-1] swift update

Debian LTS Advisory DLA-4366-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara November 07, 2025 https://wiki.debian.org/LTS Package : swift Version : 2.26.0-10+deb11u2 CVE ID : Debian Bug : 1120057 Swift, an object storage service, requires an update ...

DLA-4367-1 keystone - security update

Bulletin has no description...

Debian dla-4366 : python3-swift - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4366 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4366-1 [email protected] https://www.debian.org/lts/security/...