Lucene search
K

1574 matches found

NVD
NVD
added 2026/05/28 7:16 p.m.17 views

CVE-2026-43000

An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted application credentials with Keystone trusts. The impersonated token...

8.8CVSS0.00328EPSS
Exploits1References5
OSV
OSV
added 2026/05/28 7:16 p.m.3 views

PYSEC-2026-600

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforcecall unconditionally merges the raw JSON request body into the policy enforcement dictionary via policydict.updatejsoninput.copy, overwriting trusted target data that was previously set from...

8.8CVSS5.9AI score0.00329EPSS
Exploits1References5
OSV
OSV
added 2026/05/28 7:16 p.m.4 views

PYSEC-2026-599

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the owner of the application credential. An attacker can authenticate with their own application...

8.8CVSS5.8AI score0.00303EPSS
Exploits1References3
OSV
OSV
added 2026/05/28 7:16 p.m.7 views

UBUNTU-CVE-2026-43000

An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted application credentials with Keystone trusts. The impersonated token...

8.8CVSS5.8AI score0.00328EPSS
Exploits1References5
OSV
OSV
added 2026/05/28 7:16 p.m.10 views

UBUNTU-CVE-2026-42998

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the owner of the application credential. An attacker can authenticate with their own application...

8.8CVSS5.8AI score0.00303EPSS
Exploits1References5
OSV
OSV
added 2026/05/28 7:16 p.m.10 views

UBUNTU-CVE-2026-42999

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforcecall unconditionally merges the raw JSON request body into the policy enforcement dictionary via policydict.updatejsoninput.copy, overwriting trusted target data that was previously set from...

8.8CVSS6AI score0.00329EPSS
Exploits1References5
OSV
OSV
added 2026/05/28 7:16 p.m.21 views

UBUNTU-CVE-2026-44394

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federated user rescopes a token via POST /v3/auth/tokens, the handlescopedtoken function in the mapped...

8.1CVSS5.8AI score0.00249EPSS
Exploits1References5
Chainguard
Chainguard
added 2026/05/28 1:18 p.m.10 views

GHSA-HHQ2-3832-XXCV vulnerabilities

Vulnerabilities for packages: openstack-keystone-2025.2-fips, openstack-keystone-2025.1, openstack-keystone-2026.1, openstack-keystone-2025.2, openstack-keystone-2025.1-fips...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/05/28 1:18 p.m.14 views

CVE-2026-43001 vulnerabilities

Vulnerabilities for packages: openstack-keystone-2025.2-fips, openstack-keystone-2025.1, openstack-keystone-2026.1, openstack-keystone-2025.2, openstack-keystone-2025.1-fips...

8CVSS6.1AI score0.00446EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/05/28 12:0 a.m.13 views

CVE-2026-42999

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforcecall unconditionally merges the raw JSON request body into the policy enforcement dictionary via policydict.updatejsoninput.copy, overwriting trusted target data that was previously set from...

6CVSS6AI score0.00329EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/28 12:0 a.m.32 views

CVE-2026-44394

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federated user rescopes a token via POST /v3/auth/tokens, the handlescopedtoken function in the mapped...

6CVSS0.00249EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 12:0 a.m.10 views

CVE-2026-42998

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the owner of the application credential. An attacker can authenticate with their own application...

6CVSS5.8AI score0.00303EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/05/28 12:0 a.m.31 views

CVE-2026-43000

An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted application credentials with Keystone trusts. The impersonated token...

6CVSS0.00328EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/28 12:0 a.m.30 views

CVE-2026-42999

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforcecall unconditionally merges the raw JSON request body into the policy enforcement dictionary via policydict.updatejsoninput.copy, overwriting trusted target data that was previously set from...

6CVSS0.00329EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 12:0 a.m.7 views

CVE-2026-42999

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforcecall unconditionally merges the raw JSON request body into the policy enforcement dictionary via policydict.updatejsoninput.copy, overwriting trusted target data that was previously set from...

6CVSS6AI score0.00329EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44464

Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions 14.0.0 through 29.0.1 Description The RBAC policy enforcer in the enforce call function unconditionally merges the raw JSON request body into the policy enforcement dictionary using policy dict.updatejson input.copy...

8.8CVSS5.4AI score0.00329EPSS
Exploits1References16
Snyk
Snyk
added 2026/05/28 12:0 a.m.4 views

Insufficient Session Expiration

Overview keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Insufficient Session Expiration via the federated token rescoping process...

8.1CVSS6AI score0.00249EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/28 12:0 a.m.4 views

Incorrect Implementation of Authentication Algorithm

Overview keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm in the authenticatio...

8.8CVSS6AI score0.00303EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/28 12:0 a.m.3 views

Authorization Bypass Through User-Controlled Key

Overview keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via injection of arbitra...

8.8CVSS6.1AI score0.00329EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/28 12:0 a.m.4 views

Incorrect Privilege Assignment

Overview keystone is a package that provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. Affected versions of this package are vulnerable to Incorrect Privilege Assignment through the improper validation of delegat...

8.8CVSS6AI score0.00328EPSS
Exploits1References2
Rows per page
Query Builder