41 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the memb...
CVE-2026-43000
CVE-2026-43000 affects OpenStack Keystone (identity service). Affected: Keystone before 29.0.2. The issue arises when an impersonation vulnerability in application credentials is chained with Keystone trusts, allowing a user with member role to escalate to admin by delegating the victim's admin r...
a10-octavia (>=1.0.0 <=2.2.0), gadgetfinder (>=0.0.1 <=1.0.0) +3 more potentially affected by CVE-2026-43001 via keystone (>=15.0.1 <=29.0.1)
keystone PYPI version =15.0.1, =1.0.0, =0.0.1, =0.1.0, =0.1.0, =1.12.0 Source cves: CVE-2026-43001 Source advisory: SNYK:PYTHON-KEYSTONE-16479530...
a10-octavia (>=1.0.0 <=2.2.0), gadgetfinder (>=0.0.1 <=1.0.0) +3 more potentially affected by CVE-2026-43001 via keystone (>=15.0.1 <=29.0.1)
keystone PYPI version =15.0.1, =1.0.0, =0.0.1, =0.1.0, =0.1.0, =1.12.0 Source cves: CVE-2026-43001 Source advisory: OSV:GHSA-HHQ2-3832-XXCV...
PT-2026-31855
Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Description: A flaw exists in OpenStack Keystone where restricted application credentials can be used to create EC2 credentials. An authenticated user with a...
CVE-2022-0087
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2025-65073 via keystone (>=15.0.1 <=18.0.0)
keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2025-65073 Source advisory: SNYK:PYTHON-KEYSTONE-14038400...
Keystone security vulnerability
Keystone is a powerful open source CMS for OpenStack, used to help you build and scale faster than any other CMS or application framework. A security vulnerability exists in Keystone versions prior to 26.0.1, 27.0.0, and 28.0.0 that stems from allowing requests with valid AWS signatures to provid...
[SECURITY] [DSA 6056-1] keystone security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 13, 2025 https://www.debian.org/security/faq -...
Debian dsa-6056 : keystone - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6056 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6056-1 [email protected] https://www.debian.org/security/...
[SECURITY] [DLA 4367-1] keystone security update
Debian LTS Advisory DLA-4367-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara November 07, 2025 https://wiki.debian.org/LTS Package : keystone Version : 2:18.1.0-1+deb11u2 CVE ID : not yet available Debian Bug : 1120053 A vulnerability was found in...
Debian dla-4367 : keystone - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4367 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4367-1 [email protected] https://www.debian.org/lts/security/...
PT-2025-47130
Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to 26.0.1; OpenStack Keystone versions 27.0.0; OpenStack Keystone versions 28.0.0; keystone version 2:18.1.0-1+deb11u2 for Debian 11 bullseye. Description: The identity service, keystone, contains a flaw where...
EUVD-2020-0097
Malware in sbrugna...
EUVD-2014-3519
Malware in sbrugna...
EUVD-2013-0017
Malware in sbrugna...
EUVD-2022-3144
Malicious code in bioql PyPI...
EUVD-2022-4547
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-12691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that...
TencentOS Server 4: openstack-keystone (TSSA-2025:0055)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0055 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...