Search CVE reports
1 – 4 of 4 results
An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize...
1 affected package
python-keystonemiddleware
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-keystonemiddleware | Vulnerable | Not affected | Not affected | Not affected |
The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly...
2 affected packages
keystone, python-keystonemiddleware
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| keystone | — | — | — | — |
| python-keystonemiddleware | — | — | — | — |
Some fixes available 3 of 5
The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless...
2 affected packages
python-keystoneclient, python-keystonemiddleware
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-keystoneclient | — | — | — | — |
| python-keystonemiddleware | — | — | — | — |
Some fixes available 1 of 3
OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the...
2 affected packages
python-keystoneclient, python-keystonemiddleware
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-keystoneclient | — | — | — | — |
| python-keystonemiddleware | — | — | — | — |