python-keystoneclient is vulnerable to authorization bypass via token reuse. The vulnerability exists as authorization tokens were not invalidated when it was supposed to.
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.securityfocus.com/bid/80498
bugs.launchpad.net/keystone/+bug/1490804
github.com/openstack/python-keystoneclient/commit/cb7863235025a48741128dcd387a3d307ab3a666
security.openstack.org/ossa/OSSA-2016-005.html
wiki.openstack.org/wiki/OSSN/OSSN-0062