keystonemiddleware (=1.3.2), python-ceilometerclient (=1.0.15) +3 more potentially affected by CVE-2014-7144 via python-keystoneclient (>=1.1.0 <=1.1.1)

python-keystoneclient PYPI version =1.1.0, =0.9.4, =0.9.9 - python-neutronclient =2.3.12 Source cves: CVE-2014-7144 Source advisory: OSV:GHSA-7F2C-VP52-GMFW...

a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2012-4413 via keystone (>=15.0.1 <=18.0.0)

keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2012-4413 Source advisory: OSV:GHSA-MRXV-65RV-6HXQ...

openSUSE Security Update : openstack-keystone (openSUSE-SU-2013:1089-1)

This update of openstack-keystone fixes two security vulnerabilities. - Add CVE-2013-2104.patch: fix missing expiration check in Keystone PKI token validation CVE-2013-2104, bnc821201 - Add CVE-2013-2157.patch: fix authentication bypass when using LDAP backend CVE-2013-2157, bnc823783 %NASLMINLEV...

DEBIAN-CVE-2013-2104

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

PYSEC-2014-69

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

DEBIAN-CVE-2013-2013

The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...

PYSEC-2013-24

The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...

Ubuntu: Security Advisory (USN-1772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS / 12.10 : keystone vulnerability (USN-1715-1)

Dan Prince discovered that Keystone did not properly perform input validation when handling certain error conditions. An unauthenticated user could exploit this to cause a denial of service in Keystone API servers via disk space exhaustion. Note that Tenable Network Security has extracted the...

Ubuntu Update for keystone USN-1641-1

Ubuntu Update for Linux kernel vulnerabilities USN-1641-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16411.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for keystone USN-1641-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Thi...