5 matches found
[SECURITY] [DLA 3714-1] keystone security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3714-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès January 21, 2024 https://wiki.debian.org/LTS -...
a10-octavia (>=1.0.0 <=1.3.3) potentially affected by CVE-2021-38155 via keystone (=15.0.1)
keystone PYPI version =15.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on keystone and may be impacted: - a10-octavia =1.0.0, =1.3.3 Source cves: CVE-2021-38155 Source advisory: OSV:GHSA-4225-97PR-RR52...
a10-octavia (>=2.0.0 <=2.2.0) potentially affected by CVE-2021-38155 via keystone (=18.0.0)
keystone PYPI version =18.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on keystone and may be impacted: - a10-octavia =2.0.0, =2.2.0 Source cves: CVE-2021-38155 Source advisory: OSV:GHSA-4225-97PR-RR52...
CVE-2021-38155
creationtimestamp| type| source ---|---|--- 2021-08-07 00:33:14+00:00| seen| https://t.me/cibsecurity/26962...
CVE-2021-38155
CVE-2021-38155 affects OpenStack Keystone 10.x–19.x; an unauthenticated actor can confirm account existence and retrieve the account UUID by guessing the account name and triggering repeated failed authentications, when security_compliance.lockout_failure_attempts is enabled. Connected advisories...