Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-12690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when a...

8.8CVSS7.6AI score0.01896EPSS
Exploits0References2
Redos
Redos
added 2025/04/03 12:0 a.m.23 views

ROS-20250403-14

Vulnerability in the OpenSearch software package due to a problem in the implementation of Field Level Security FLS. Field Level Security FLS. Exploitation of the vulnerability could allow an attacker to obtain sensitive data Vulnerability in the OpenSearch software package due to missing spaces ...

8.8CVSS7.1AI score0.00821EPSS
Exploits0
OSV
OSV
added 2022/05/13 1:26 a.m.7 views

GHSA-274V-R947-V34R OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege

OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a 1 trust or 2 OAuth token with impersonation enabled to create a new token with...

6CVSS6.3AI score0.02308EPSS
Exploits1References7
OSV
OSV
added 2020/05/07 12:15 a.m.2 views

DEBIAN-CVE-2020-12690

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. Th...

8.8CVSS7AI score0.01896EPSS
Exploits0References1
PyPA
PyPA
added 2020/05/07 12:15 a.m.6 views

PYSEC-2020-54

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. Th...

8.8CVSS7.6AI score0.01896EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder