pkg:Debian/keystone

共 56 筆 CVECRITICAL2HIGH16MEDIUM18LOW1

✅ 檢查你的版本

所有已知漏洞

CRITICAL9.1CVE-2021-3563keystone - security update
from 0, < 2:14.2.0-0+deb10u2
CRITICAL9.1CVE-2021-3563keystone - security update
from 0
HIGH8.8CVE-2020-12691OpenStack Keystone V3 /credentials endpoint policy logic allows to change credentials owner or target project ID
from 0, < 2:17.0.0~rc2-1
HIGH8.8CVE-2020-12689keystone - security update
from 0, < 2:17.0.0~rc2-1
HIGH8.8CVE-2020-12689keystone - security update
from 0, < 2:14.2.0-0+deb10u1
HIGH8.8CVE-2019-19687OpenStack Keystone Credential Leakage
from 0, < 2:16.0.0-5
HIGH8.8CVE-2020-12690Insufficient Session Expiration in OpenStack Keystone
from 0, < 2:17.0.0~rc2-1
HIGH7.9CVE-2026-43001OpenStack Keystone has an Incorrect Authorization Issue
from 0
HIGH7.7CVE-2026-40683OpenStack Keystone: LDAP identity backend does not convert enabled attribute to boolean
from 0
HIGH7.5CVE-2025-65073keystone - security update
from 0, < 2:18.1.0-1+deb11u2
HIGH7.5CVE-2025-65073keystone - security update
from 0, < 2:22.0.2-0+deb12u1
HIGH7.5CVE-2025-65073keystone - security update
from 0, < 2:18.1.0-1+deb11u2
HIGH7.5CVE-2021-38155OpenStack Keystone allows information disclosure during account locking
from 0, < 2:18.0.0-3+deb11u1
HIGH7.5CVE-2012-3542OpenStack Keystone Allows Remote User Account Creation
from 0, < 2012.1.1-5
HIGH7.5CVE-2014-2828OpenStack Identity (Keystone) DoS through V3 API authentication chaining
from 0, < 2014.1-1
HIGH7.5CVE-2015-7546OpenStack Identity Keystone and keystonemiddleware Insufficiently Protected Credentials
from 0, < 2:9.0.0~rc2-1
HIGH7.5CVE-2012-1572OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
from 0, < 2012.1~rc2-1
HIGH7.2CVE-2017-2673OpenStack Identity service (keystone) Incorrect Authorization
from 0, < 2:10.0.0-9
MEDIUM6.5CVE-2014-5252OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation events
from 0, < 2014.1.2.1-1
MEDIUM6.5CVE-2014-5251OpenStack Identity (Keystone) Multiple vulnerabilities in revocation events
from 0, < 2014.1.2.1-1
MEDIUM6.5CVE-2014-5253OpenStack Keystone Domain-scoped tokens don't get revoked
from 0, < 2014.1.2.1-1
MEDIUM6.5CVE-2014-2237OpenStack Identity (Keystone) Trustee token revocations does not work with memcache backend
from 0, < 2013.2.3-1
MEDIUM6.5CVE-2013-0270OpenStack Keystone Denial of Service vulnerability via a large HTTP request
from 0, < 2013.1.1-2
MEDIUM6.0CVE-2026-44394An issue was discovered in OpenStack Keystone before 29.0.2.
from 0
MEDIUM6.0CVE-2026-43000An issue was discovered in OpenStack Keystone before 29.0.2.
from 0
MEDIUM6.0CVE-2026-42999An issue was discovered in OpenStack Keystone before 29.0.2.
from 0
MEDIUM6.0CVE-2026-42998An issue was discovered in OpenStack Keystone before 29.0.2.
from 0
MEDIUM6.0CVE-2014-0105python-keystoneclient vulnerable to context confusion in Keystone auth_token middleware
from 0, < 2013.1.1-2
MEDIUM5.9CVE-2013-2255OpenStack Keystone and other components vulnerable to Improper Certificate Validation
from 0, < 2014.1-1
MEDIUM5.4CVE-2020-12692OpenStack Keystone does not check signature TTL of the EC2 credential auth method
from 0, < 2:17.0.0~rc2-1
MEDIUM5.4CVE-2012-5571OpenStack Keystone intended authorization restrictions bypass
from 0, < 2012.1.1-11
MEDIUM5.3CVE-2013-4294OpenStack Identity (Keystone) allows remote attackers to bypass intended access restrictions via revoked PKI token
from 0, < 2013.1.3-2
MEDIUM5.3CVE-2018-14432keystone - security update
from 0, < 2:10.0.0-9+deb9u1
MEDIUM5.3CVE-2018-14432keystone - security update
from 0, < 2:13.0.0-7
MEDIUM4.3CVE-2016-4911OpenStack Identity Keystone Improper Access Control
from 0, < 2:9.0.0-2
MEDIUM4.3CVE-2013-2059OpenStack Identity (Keystone) improper revoking of the authentication token when deleting a user
from 0, < 2013.1.1-2
LOW3.5CVE-2026-33551OpenStack Keystone: Restricted application credentials can create EC2 credentials
from 0
—CVE-2012-3426OpenStack Keystone token expiration issues
from 0, < 2012.1.1-1
—CVE-2013-1664XML Entity Expansion (XEE) in Django
from 0, < 2012.1.1-13
—CVE-2013-1665XML External Entity (XXE) in Django
from 0, < 2012.1.1-13
—CVE-2013-4477OpenStack Identity Keystone Privilege Escalation vulnerability
from 0, < 2013.2-2
—CVE-2013-2006OpenStack Keystone Sensitive information disclosure via log files
from 0, < 2013.1.1-2
—CVE-2012-4413OpenStack Keystone does not invalidate existing tokens when granting or revoking roles
from 0, < 2012.1.1-6
—CVE-2012-4457OpenStack Keystone Token authorization for a user in a disabled tenant is allowed
from 0, < 2012.1.1-9
—CVE-2012-4456OpenStack Keystone Improper Authentication vulnerability
from 0, < 2012.1.1-9
—CVE-2014-0204OpenStack Identity Keystone Improper Privilege Management
from 0, < 2014.1-5
—CVE-2014-3621OpenStack Identity Keystone Exposure of Sensitive Information
from 0, < 2014.1.3-1
—CVE-2015-3646OpenStack Keystone Logs Passwords
from 0, < 2015.1.0-1
—CVE-2014-3476OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege
from 0, < 2014.1.1-2
—CVE-2013-2014OpenStack Identity (Keystone) Denial of Service
from 0, < 2013.1.1-2
—CVE-2013-0282OpenStack Keystone allows context-dependent attackers to bypass access restrictions
from 0, < 2012.1.1-13
—CVE-2014-3520OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain…
from 0, < 2014.1.1-3
—CVE-2013-6391The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped tok…
from 0, < 2013.2.1-1
—CVE-2013-4222OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a…
from 0, < 2013.1.3-1
—CVE-2013-2157OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass a…
from 0, < 2013.1.2-1
—CVE-2013-0247OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to ca…
from 0, < 2012.1.1-12