87 matches found
EUVD-2019-0116
Malware in sbrugna...
EUVD-2013-0032
Malware in sbrugna...
RHEL 6 / 7 : python-keystoneclient (RHSA-2015:1685)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1685 advisory. Python-keystoneclient is a client library and a command-line utility for interacting with the OpenStack Identity API. It was discovered that some...
RHEL 6 : python-keystoneclient (RHSA-2013:0944)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0944 advisory. Python-keystoneclient is the client library and command line utility for interacting with the OpenStack identity API. A flaw in Keystone allowed an...
RHEL 6 : python-keystoneclient (RHSA-2014:0382)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0382 advisory. Python-keystoneclient is a client library and a command line utility for interacting with the OpenStack Identity API. The OpenStack Identity authtoke...
RHSA-2015:1685 Red Hat Security Advisory: python-keystoneclient security update
Bulletin has no description...
RHSA-2014:1784 Red Hat Security Advisory: python-keystoneclient security and bug fix update
Bulletin has no description...
RHSA-2014:1783 Red Hat Security Advisory: python-keystoneclient security and bug fix update
Bulletin has no description...
RHSA-2014:0409 Red Hat Security Advisory: python-keystoneclient security update
Bulletin has no description...
RHSA-2014:0382 Red Hat Security Advisory: python-keystoneclient security update
Bulletin has no description...
RHSA-2014:0442 Red Hat Security Advisory: python-keystoneclient security update
Bulletin has no description...
RHSA-2013:0944 Red Hat Security Advisory: python-keystoneclient security and bug fix update
Bulletin has no description...
OPENSUSE-SU-2024:10471-1 python-keystoneclient-3.5.0-1.1 on GA media
These are all security issues fixed in the python-keystoneclient-3.5.0-1.1 package on the GA media of openSUSE Tumbleweed...
RHEL 7 : python-keystoneclient (RHSA-2014:1784)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1784 advisory. Python-keystoneclient is a client library and a command line utility for interacting with the OpenStack Identity API. It was found that...
SUSE CVE-2013-2104
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
SUSE CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...
SUSE CVE-2015-1852
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
python-keystoneclient missing expiration check in PKI token validation
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
keystonemiddleware (>=1.3.2 <=1.5.3), python-ceilometerclient (>=1.0.14 <=1.1.2) +7 more potentially affected by CVE-2015-1852 via python-keystoneclient (>=1.1.0 <=1.3.4)
python-keystoneclient PYPI version =1.1.0, =1.3.2, =1.0.14, =1.1.2, =0.14.3, =0.9.4, =0.5.8, =2.23.2, =1.0.4, =1.0.5 Source cves: CVE-2015-1852 Source advisory: OSV:GHSA-P9WQ-MJH8-Q72M...
OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...