473 matches found
EUVD-2022-3144
Malicious code in bioql PyPI...
EUVD-2022-5723
Malicious code in bioql PyPI...
EUVD-2022-2419
Malicious code in bioql PyPI...
EUVD-2022-4547
Malicious code in bioql PyPI...
EUVD-2022-5747
Malicious code in bioql PyPI...
EUVD-2022-4623
Malicious code in bioql PyPI...
EUVD-2022-5025
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-38155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account...
Linux Distros Unpatched Vulnerability : CVE-2018-20170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST...
Linux Distros Unpatched Vulnerability : CVE-2020-12689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope trust/oauth/application credential can...
Linux Distros Unpatched Vulnerability : CVE-2020-12690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when a...
Linux Distros Unpatched Vulnerability : CVE-2020-12691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that...
Linux Distros Unpatched Vulnerability : CVE-2020-12692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can...
TencentOS Server 4: openstack-keystone (TSSA-2025:0054)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0054 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2021-38155
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...
RHEL 6 : openstack-keystone (RHSA-2013:1083)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1083 advisory. The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token,...
Linux Distros Unpatched Vulnerability : CVE-2021-3563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity...
RHEL 6 : openstack-keystone (RHSA-2012:1557)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1557 advisory. The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity,...
RHEL 7 : openstack-keystone (RHSA-2017:1597)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1597 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The...
RHEL 6 : openstack-keystone (RHSA-2014:0113)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0113 advisory. The openstack-keystone packages provide keystone, a Python implementation of the OpenStack Identity service API, which provides Identity, Token,...