keystonemiddleware (=1.3.2), python-ceilometerclient (=1.0.15) +3 more potentially affected by CVE-2014-7144 via python-keystoneclient (>=1.1.0 <=1.1.1)

python-keystoneclient PYPI version =1.1.0, =0.9.4, =0.9.9 - python-neutronclient =2.3.12 Source cves: CVE-2014-7144 Source advisory: OSV:GHSA-7F2C-VP52-GMFW...

DEBIAN-CVE-2013-2104

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

PYSEC-2014-69

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

DEBIAN-CVE-2013-2013

The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...

PYSEC-2013-24

The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...