Ubuntu: Security Advisory (USN-7926-1)
The remote host is missing an update for the...
Linux Distros Unpatched Vulnerability : CVE-2025-65073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
GHSA-HCQG-5G63-7J9H OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
Access Control Bypass
Overview keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Access Control Bypass via the ec2tokens or s3tokens process when a reques...
CVE-2025-65073
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
EUVD-2025-197772
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
CVE-2025-65073
OpenStack Keystone prior to 26.0.1, 27.0.0, or 28.0.0 is vulnerable to requests to /v3/ec2tokens or /v3/s3tokens bearing a valid AWS Signature that can authorize access. The issue (CVE-2025-65073) enables unauthorized access and potential privilege escalation. CVSS v3.1 base score 7.5 (Network, h...
CVE-2025-65073
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...
[SECURITY] [DSA 6056-1] keystone security update
Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 13, 2025 https://www.debian.org/security/faq -...
Debian dsa-6056 : keystone - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6056 advisory. Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/...
[SECURITY] [DLA 4366-1] swift update
Debian LTS Advisory DLA-4366-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara November 07, 2025 https://wiki.debian.org/LTS Package : swift Version : 2.26.0-10+deb11u2 CVE ID : Debian Bug : 1120057 Swift, an object storage service, requires an update ...
Debian dla-4366 : python3-swift - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4366 advisory. Debian LTS Advisory DLA-4366-1 [email protected] https://www.debian.org/lts/security/...
Ubuntu 24.04 LTS / 25.04 / 25.10 : OpenStack Keystone vulnerability (USN-7857-1)
The remote Ubuntu 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7857-1 advisory. Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens and s3tokens APIs. A remote attacker could possibly use this issue to...
USN-7857-1 keystone vulnerability
Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens and s3tokens APIs. A remote attacker could possibly use this issue to obtain unauthorized access and escalate privileges...
PT-2025-47130
Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions prior to 26.0.1 OpenStack Keystone versions 27.0.0 OpenStack Keystone versions 28.0.0 keystone version 2:18.1.0-1+deb11u2 for Debian 11 bullseye Description The identity service, keystone, contains a flaw where...
SUSE CVE-2013-6391
The ec2tokens API in OpenStack Identity Keystone before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...
Privilege Escalation
openstack-keystone is vulnerable to privilege escalation attacks. The vulnerability exists as the ec2tokens API in OpenStack Identity Keystone before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain...
DEBIAN-CVE-2013-6391
The ec2tokens API in OpenStack Identity Keystone before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...
Cross site request forgery (csrf)
The ec2tokens API in OpenStack Identity Keystone before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...