43 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the memb...
CVE-2026-43000
CVE-2026-43000 affects OpenStack Keystone (identity service). Affected: Keystone before 29.0.2. The issue arises when an impersonation vulnerability in application credentials is chained with Keystone trusts, allowing a user with member role to escalate to admin by delegating the victim's admin r...
Insufficient Session Expiration
Overview keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Insufficient Session Expiration via the federated token rescoping process...
a10-octavia (>=1.0.0 <=2.2.0), gadgetfinder (>=0.0.1 <=1.0.0) +3 more potentially affected by CVE-2026-43001 via keystone (>=15.0.1 <=29.0.1)
keystone PYPI version =15.0.1, =1.0.0, =0.0.1, =0.1.0, =0.1.0, =1.12.0 Source cves: CVE-2026-43001 Source advisory: SNYK:PYTHON-KEYSTONE-16479530...
a10-octavia (>=1.0.0 <=2.2.0), gadgetfinder (>=0.0.1 <=1.0.0) +3 more potentially affected by CVE-2026-43001 via keystone (>=15.0.1 <=29.0.1)
keystone PYPI version =15.0.1, =1.0.0, =0.0.1, =0.1.0, =0.1.0, =1.12.0 Source cves: CVE-2026-43001 Source advisory: OSV:GHSA-HHQ2-3832-XXCV...
PT-2026-31855
Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0 Description A flaw exists in OpenStack Keystone where restricted application credentials can be used to create EC2 credentials. An authenticated user with a...
CVE-2022-0087
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2025-65073 via keystone (>=15.0.1 <=18.0.0)
keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2025-65073 Source advisory: SNYK:PYTHON-KEYSTONE-14038400...
Keystone 安全漏洞
Keystone is a powerful CMS open source for OpenStack. used to help you build and scale faster than any other Cms or application framework. A security vulnerability exists in Keystone versions prior to 26.0.1, 27.0.0, and 28.0.0 that stems from allowing requests with valid AWS signatures to provid...
[SECURITY] [DSA 6056-1] keystone security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 13, 2025 https://www.debian.org/security/faq -...
Debian dsa-6056 : keystone - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6056 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/...
[SECURITY] [DLA 4367-1] keystone security update
Debian LTS Advisory DLA-4367-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara November 07, 2025 https://wiki.debian.org/LTS Package : keystone Version : 2:18.1.0-1+deb11u2 CVE ID : not yet available Debian Bug : 1120053 A vulnerability was found in...
Debian dla-4367 : keystone - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4367 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4367-1 [email protected] https://www.debian.org/lts/security/...
PT-2025-47130
Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions prior to 26.0.1 OpenStack Keystone versions 27.0.0 OpenStack Keystone versions 28.0.0 keystone version 2:18.1.0-1+deb11u2 for Debian 11 bullseye Description The identity service, keystone, contains a flaw where...
EUVD-2020-0097
Malware in sbrugna...
EUVD-2013-0017
Malware in sbrugna...
EUVD-2014-3519
Malware in sbrugna...
EUVD-2022-3144
Malicious code in bioql PyPI...
EUVD-2022-4547
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-12691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that...