Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1
Typedeb
Namespacedebian
Namekeystone
Version2:22.0.2-0+deb12u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2:29.0.1-1
Latest_non_vulnerable_version2:29.0.1-1
Affected_by_vulnerabilities
0
url VCID-6wj2-abbb-xqf6
vulnerability_id VCID-6wj2-abbb-xqf6
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33551.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33551.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33551
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05506
published_at 2026-04-11T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05486
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05493
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06264
published_at 2026-04-21T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06101
published_at 2026-04-16T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33551
2
reference_url https://bugs.launchpad.net/keystone/+bug/2142138
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:50:09Z/
url https://bugs.launchpad.net/keystone/+bug/2142138
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33551
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33551
4
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33551
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33551
6
reference_url https://security.openstack.org/ossa/OSSA-2026-005.html
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:50:09Z/
url https://security.openstack.org/ossa/OSSA-2026-005.html
7
reference_url http://www.openwall.com/lists/oss-security/2026/04/07/12
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/07/12
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133118
reference_id 1133118
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133118
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451037
reference_id 2451037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451037
10
reference_url https://github.com/advisories/GHSA-4phw-6824-6cfp
reference_id GHSA-4phw-6824-6cfp
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4phw-6824-6cfp
fixed_packages
0
url pkg:deb/debian/keystone@2:29.0.0-2
purl pkg:deb/debian/keystone@2:29.0.0-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2
1
url pkg:deb/debian/keystone@2:29.0.0-3
purl pkg:deb/debian/keystone@2:29.0.0-3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3
2
url pkg:deb/debian/keystone@2:29.0.1-1
purl pkg:deb/debian/keystone@2:29.0.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1
aliases CVE-2026-33551, GHSA-4phw-6824-6cfp
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wj2-abbb-xqf6
1
url VCID-93vc-hgec-nfe6
vulnerability_id VCID-93vc-hgec-nfe6
summary 
Openstack Keystone Incorrect Authorization vulnerability
A flaw was found in openstack-keystone, only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity. A [patch](https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca) is available.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
1
reference_url https://access.redhat.com/security/cve/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3563
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.1765
published_at 2026-04-01T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17539
published_at 2026-04-24T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17638
published_at 2026-04-13T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17689
published_at 2026-04-12T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17735
published_at 2026-04-11T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17717
published_at 2026-04-09T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17656
published_at 2026-04-08T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17566
published_at 2026-04-07T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17866
published_at 2026-04-04T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.17812
published_at 2026-04-02T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17628
published_at 2026-04-21T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17593
published_at 2026-04-18T12:55:00Z
12
value 0.00056
scoring_system epss
scoring_elements 0.17584
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
3
reference_url https://bugs.launchpad.net/ossa/+bug/1901891
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1901891
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
9
reference_url https://opendev.org/openstack/keystone
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone
10
reference_url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
11
reference_url https://review.opendev.org/c/openstack/keystone/+/803641
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/803641
12
reference_url https://review.opendev.org/c/openstack/keystone/+/828595
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/828595
13
reference_url https://review.opendev.org/c/openstack/keystone/+/856489
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/856489
14
reference_url https://security-tracker.debian.org/tracker/CVE-2021-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2021-3563
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
reference_id 989998
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
16
reference_url https://security.archlinux.org/AVG-1979
reference_id AVG-1979
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1979
17
reference_url https://github.com/advisories/GHSA-cc99-whm5-mmq3
reference_id GHSA-cc99-whm5-mmq3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cc99-whm5-mmq3
18
reference_url https://usn.ubuntu.com/7926-1/
reference_id USN-7926-1
reference_type
scores
url https://usn.ubuntu.com/7926-1/
fixed_packages
0
url pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1
purl pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1
aliases CVE-2021-3563, GHSA-cc99-whm5-mmq3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93vc-hgec-nfe6
Fixing_vulnerabilities
0
url VCID-r25g-be38-b3be
vulnerability_id VCID-r25g-be38-b3be
summary 
OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65073.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65073.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-65073
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07203
published_at 2026-04-18T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07287
published_at 2026-04-24T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07208
published_at 2026-04-16T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-21T12:55:00Z
4
value 0.00049
scoring_system epss
scoring_elements 0.15139
published_at 2026-04-09T12:55:00Z
5
value 0.00049
scoring_system epss
scoring_elements 0.14999
published_at 2026-04-07T12:55:00Z
6
value 0.00049
scoring_system epss
scoring_elements 0.15087
published_at 2026-04-08T12:55:00Z
7
value 0.00049
scoring_system epss
scoring_elements 0.15105
published_at 2026-04-11T12:55:00Z
8
value 0.00049
scoring_system epss
scoring_elements 0.15006
published_at 2026-04-13T12:55:00Z
9
value 0.00049
scoring_system epss
scoring_elements 0.15126
published_at 2026-04-02T12:55:00Z
10
value 0.00049
scoring_system epss
scoring_elements 0.15067
published_at 2026-04-12T12:55:00Z
11
value 0.00049
scoring_system epss
scoring_elements 0.15193
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-65073
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65073
3
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
4
reference_url https://www.openwall.com/lists/oss-security/2025/11/04/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-17T16:34:17Z/
url https://www.openwall.com/lists/oss-security/2025/11/04/2
5
reference_url http://www.openwall.com/lists/oss-security/2025/11/17/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/11/17/6
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120053
reference_id 1120053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120053
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2415344
reference_id 2415344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2415344
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-65073
reference_id CVE-2025-65073
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-65073
9
reference_url https://github.com/advisories/GHSA-hcqg-5g63-7j9h
reference_id GHSA-hcqg-5g63-7j9h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hcqg-5g63-7j9h
10
reference_url https://access.redhat.com/errata/RHSA-2026:1958
reference_id RHSA-2026:1958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1958
11
reference_url https://usn.ubuntu.com/7926-1/
reference_id USN-7926-1
reference_type
scores
url https://usn.ubuntu.com/7926-1/
fixed_packages
0
url pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1
purl pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
1
vulnerability VCID-93vc-hgec-nfe6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1
aliases CVE-2025-65073, GHSA-hcqg-5g63-7j9h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r25g-be38-b3be
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1