GHSA-4PHW-6824-6CFP OpenStack Keystone: Restricted application credentials can create EC2 credentials

An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2 credential creation API, an authenticated user with only a reader role...

CVE-2026-33551

An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2 credential creation API, an authenticated user with only a reader role...

EUVD-2015-8348

Malware in sbrugna...

RHEL 6 : openstack-swift-plugin-swift3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - openstack-swift-plugin3: replay attack - date/date header unvalidated CVE-2015-8466 Note that Nessus has not tested...

SUSE-SU-2023:0323-1 Security update for python-swift3

This update for python-swift3 fixes the following issues: - CVE-2022-47950: Fixed an issue that could allow a remote attacker to disclose local file contents via a crafted XML file bsc1207035...

PT-2023-1506 · Openstack +2 · Openstack Swift +2

Name of the Vulnerable Software and Affected Versions: OpenStack Swift versions prior to 2.28.1 OpenStack Swift versions 2.29.x prior to 2.29.2 OpenStack Swift version 2.30.0 Description: The issue is related to the S3 API interface of the OpenStack Swift distributed object storage system. It...

Fedora 23 : openstack-swift-plugin-swift3-1.9-1.fc23 (2015-1ca595f821)

Update to upstream 1.9 includes security fix for CVE-2015-8466 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

UBUNTU-CVE-2015-8466

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...

CVE-2015-8466

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...

CVE-2015-8466

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...

Authorization

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...

CVE-2015-8466

CVE-2015-8466 affects OpenStack Swift3 (S3 compatibility) middleware, allowing a remote replay attack when an Authorization request lacks a Date header. The issue is in Swift3 by default up to version 1.9. Public fixes are available in upstream Swift3 release 1.9. Debian lists fixed packages 1.7-...

CVE-2015-8466

Removed by vendor...

CVE-2015-8466

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...

[SECURITY] Fedora 23 Update: openstack-swift-plugin-swift3-1.9-1.fc23

The swift3 plugin permits accessing Openstack Swift via the Amazon S3 API...