Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/keystone@14.0.0
Typepypi
Namespace
Namekeystone
Version14.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-3umd-756n-qqbx
vulnerability_id VCID-3umd-756n-qqbx
summary In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when user_enabled_invert was True. When False, the raw string value from LDAP (e.g., "FALSE") was used directly. Since non-empty strings are truthy in Python, users marked as disabled in LDAP were treated as enabled by Keystone, allowing them to authenticate and perform actions. All deployments using the LDAP identity backend without user_enabled_invert=True or user_enabled_emulation are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40683.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40683.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40683
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.06089
published_at 2026-06-11T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.06092
published_at 2026-06-14T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.06103
published_at 2026-06-13T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.0611
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40683
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40683
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40683
3
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-40683
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-40683
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133884
reference_id 1133884
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133884
6
reference_url https://bugs.launchpad.net/keystone/+bug/2121152
reference_id 2121152
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T20:14:37Z/
url https://bugs.launchpad.net/keystone/+bug/2121152
7
reference_url https://bugs.launchpad.net/keystone/+bug/2141713
reference_id 2141713
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T20:14:37Z/
url https://bugs.launchpad.net/keystone/+bug/2141713
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458472
reference_id 2458472
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458472
9
reference_url https://www.openwall.com/lists/oss-security/2026/04/14/9
reference_id 9
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T20:14:37Z/
url https://www.openwall.com/lists/oss-security/2026/04/14/9
10
reference_url https://review.opendev.org/958205
reference_id 958205
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T20:14:37Z/
url https://review.opendev.org/958205
11
reference_url https://github.com/advisories/GHSA-pfx2-9x9m-7ghx
reference_id GHSA-pfx2-9x9m-7ghx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pfx2-9x9m-7ghx
fixed_packages
0
url pkg:pypi/keystone@28.0.1
purl pkg:pypi/keystone@28.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ngkx-25ft-8qhj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@28.0.1
1
url pkg:pypi/keystone@29.0.0.0rc1
purl pkg:pypi/keystone@29.0.0.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ngkx-25ft-8qhj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@29.0.0.0rc1
aliases CVE-2026-40683, GHSA-pfx2-9x9m-7ghx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3umd-756n-qqbx
1
url VCID-91cc-hzfb-3kek
vulnerability_id VCID-91cc-hzfb-3kek
summary OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:4358
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4358
1
reference_url https://bugs.launchpad.net/keystone/+bug/1855080
reference_id
reference_type
scores
url https://bugs.launchpad.net/keystone/+bug/1855080
2
reference_url https://review.opendev.org/#/c/697355/
reference_id
reference_type
scores
url https://review.opendev.org/#/c/697355/
3
reference_url https://review.opendev.org/#/c/697611/
reference_id
reference_type
scores
url https://review.opendev.org/#/c/697611/
4
reference_url https://review.opendev.org/#/c/697731/
reference_id
reference_type
scores
url https://review.opendev.org/#/c/697731/
5
reference_url https://security.openstack.org/ossa/OSSA-2019-006.html
reference_id
reference_type
scores
url https://security.openstack.org/ossa/OSSA-2019-006.html
6
reference_url https://usn.ubuntu.com/4262-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4262-1/
7
reference_url http://www.openwall.com/lists/oss-security/2019/12/11/8
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/12/11/8
fixed_packages
0
url pkg:pypi/keystone@16.0.1
purl pkg:pypi/keystone@16.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-bbem-sea4-3ub4
2
vulnerability VCID-c18s-qdf4-3kdh
3
vulnerability VCID-esad-mak2-8bg2
4
vulnerability VCID-fhme-n8v8-ybev
5
vulnerability VCID-kzaw-9ex3-s3d5
6
vulnerability VCID-ngkx-25ft-8qhj
7
vulnerability VCID-nmb8-wq4u-2ug7
8
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.1
aliases PYSEC-2019-99
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91cc-hzfb-3kek
2
url VCID-bbem-sea4-3ub4
vulnerability_id VCID-bbem-sea4-3ub4
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38155
reference_id
reference_type
scores
0
value 0.01067
scoring_system epss
scoring_elements 0.7819
published_at 2026-06-12T12:55:00Z
1
value 0.01067
scoring_system epss
scoring_elements 0.78199
published_at 2026-06-14T12:55:00Z
2
value 0.01067
scoring_system epss
scoring_elements 0.78123
published_at 2026-06-11T12:55:00Z
3
value 0.01067
scoring_system epss
scoring_elements 0.78204
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38155
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38155
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38155
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
4
reference_url https://github.com/openstack/keystone/commit/1b573ae7d1c20e0ebfbde79bbe7538a09589c75d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/1b573ae7d1c20e0ebfbde79bbe7538a09589c75d
5
reference_url https://github.com/openstack/keystone/commit/8ab4eb27be4c13c9bab2b3ea700f00a190521bf8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/8ab4eb27be4c13c9bab2b3ea700f00a190521bf8
6
reference_url https://github.com/openstack/keystone/commit/ac2631ae33445877094cdae796fbcdce8833a626
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/ac2631ae33445877094cdae796fbcdce8833a626
7
reference_url https://launchpad.net/bugs/1688137
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1688137
8
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
9
reference_url https://security.openstack.org/ossa/OSSA-2021-003.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-003.html
10
reference_url http://www.openwall.com/lists/oss-security/2021/08/10/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/08/10/5
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992070
reference_id 992070
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992070
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-38155
reference_id CVE-2021-38155
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-38155
13
reference_url https://github.com/advisories/GHSA-4225-97pr-rr52
reference_id GHSA-4225-97pr-rr52
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4225-97pr-rr52
fixed_packages
0
url pkg:pypi/keystone@16.0.2
purl pkg:pypi/keystone@16.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-c18s-qdf4-3kdh
2
vulnerability VCID-esad-mak2-8bg2
3
vulnerability VCID-fhme-n8v8-ybev
4
vulnerability VCID-kzaw-9ex3-s3d5
5
vulnerability VCID-ngkx-25ft-8qhj
6
vulnerability VCID-nmb8-wq4u-2ug7
7
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.2
1
url pkg:pypi/keystone@17.0.1
purl pkg:pypi/keystone@17.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-c18s-qdf4-3kdh
2
vulnerability VCID-esad-mak2-8bg2
3
vulnerability VCID-fhme-n8v8-ybev
4
vulnerability VCID-kzaw-9ex3-s3d5
5
vulnerability VCID-ngkx-25ft-8qhj
6
vulnerability VCID-nmb8-wq4u-2ug7
7
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@17.0.1
2
url pkg:pypi/keystone@18.0.1
purl pkg:pypi/keystone@18.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@18.0.1
3
url pkg:pypi/keystone@18.1.0
purl pkg:pypi/keystone@18.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-c18s-qdf4-3kdh
2
vulnerability VCID-esad-mak2-8bg2
3
vulnerability VCID-fhme-n8v8-ybev
4
vulnerability VCID-kzaw-9ex3-s3d5
5
vulnerability VCID-ngkx-25ft-8qhj
6
vulnerability VCID-nmb8-wq4u-2ug7
7
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@18.1.0
4
url pkg:pypi/keystone@19.0.1
purl pkg:pypi/keystone@19.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-esad-mak2-8bg2
2
vulnerability VCID-kzaw-9ex3-s3d5
3
vulnerability VCID-ngkx-25ft-8qhj
4
vulnerability VCID-nmb8-wq4u-2ug7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@19.0.1
5
url pkg:pypi/keystone@20.0.0.0rc1
purl pkg:pypi/keystone@20.0.0.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-c18s-qdf4-3kdh
2
vulnerability VCID-esad-mak2-8bg2
3
vulnerability VCID-fhme-n8v8-ybev
4
vulnerability VCID-kzaw-9ex3-s3d5
5
vulnerability VCID-ngkx-25ft-8qhj
6
vulnerability VCID-nmb8-wq4u-2ug7
7
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@20.0.0.0rc1
aliases CVE-2021-38155, GHSA-4225-97pr-rr52
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbem-sea4-3ub4
3
url VCID-c18s-qdf4-3kdh
vulnerability_id VCID-c18s-qdf4-3kdh
summary OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles.
references
0
reference_url http://github.com/openstack/keystone/commit/58ac6691a21675be9e2ffb0f84a05fc3cd4d2e2e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/keystone/commit/58ac6691a21675be9e2ffb0f84a05fc3cd4d2e2e
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4413.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4413.json
2
reference_url https://access.redhat.com/security/cve/CVE-2012-4413
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-4413
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4413
reference_id
reference_type
scores
0
value 0.00428
scoring_system epss
scoring_elements 0.62883
published_at 2026-06-11T12:55:00Z
1
value 0.00428
scoring_system epss
scoring_elements 0.62985
published_at 2026-06-12T12:55:00Z
2
value 0.00428
scoring_system epss
scoring_elements 0.62997
published_at 2026-06-13T12:55:00Z
3
value 0.00428
scoring_system epss
scoring_elements 0.62992
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4413
4
reference_url https://bugs.launchpad.net/keystone/+bug/1041396
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1041396
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4413
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4413
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/78478
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/78478
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-4413
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-4413
8
reference_url https://opendev.org/openstack/keystone
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone
9
reference_url https://review.opendev.org/c/openstack/keystone/+/12870
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/12870
10
reference_url https://review.opendev.org/c/openstack/keystone/+/12870/
reference_id
reference_type
scores
url https://review.opendev.org/c/openstack/keystone/+/12870/
11
reference_url https://web.archive.org/web/20121114023848/http://www.securityfocus.com/bid/55524
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121114023848/http://www.securityfocus.com/bid/55524
12
reference_url http://www.openwall.com/lists/oss-security/2012/09/12/7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/09/12/7
13
reference_url http://www.ubuntu.com/usn/USN-1564-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1564-1
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687428
reference_id 687428
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687428
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=855491
reference_id 855491
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=855491
16
reference_url https://github.com/advisories/GHSA-mrxv-65rv-6hxq
reference_id GHSA-mrxv-65rv-6hxq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mrxv-65rv-6hxq
17
reference_url https://access.redhat.com/errata/RHSA-2012:1378
reference_id RHSA-2012:1378
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2012:1378
18
reference_url https://usn.ubuntu.com/1564-1/
reference_id USN-1564-1
reference_type
scores
url https://usn.ubuntu.com/1564-1/
fixed_packages
0
url pkg:pypi/keystone@2012.1.3
purl pkg:pypi/keystone@2012.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@2012.1.3
aliases CVE-2012-4413, GHSA-mrxv-65rv-6hxq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c18s-qdf4-3kdh
4
url VCID-esad-mak2-8bg2
vulnerability_id VCID-esad-mak2-8bg2
summary An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2 credential creation API, an authenticated user with only a reader role may obtain an EC2/S3 credential that carries the full set of the parent user's S3 permissions, effectively bypassing the role restrictions imposed on the application credential. Only deployments that use restricted application credentials in combination with the EC2/S3 compatibility API (swift3 / s3api) are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33551.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33551.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33551
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09396
published_at 2026-06-11T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09431
published_at 2026-06-14T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09443
published_at 2026-06-13T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09449
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33551
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33551
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33551
3
reference_url https://github.com/advisories/GHSA-4phw-6824-6cfp
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4phw-6824-6cfp
4
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2026-202.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2026-202.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33551
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33551
7
reference_url http://www.openwall.com/lists/oss-security/2026/04/07/12
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/07/12
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133118
reference_id 1133118
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133118
9
reference_url https://bugs.launchpad.net/keystone/+bug/2142138
reference_id 2142138
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:50:09Z/
url https://bugs.launchpad.net/keystone/+bug/2142138
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451037
reference_id 2451037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451037
11
reference_url https://security.openstack.org/ossa/OSSA-2026-005.html
reference_id OSSA-2026-005.html
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:50:09Z/
url https://security.openstack.org/ossa/OSSA-2026-005.html
fixed_packages
0
url pkg:pypi/keystone@26.1.1
purl pkg:pypi/keystone@26.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ngkx-25ft-8qhj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@26.1.1
1
url pkg:pypi/keystone@27.0.0.0rc1
purl pkg:pypi/keystone@27.0.0.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-ngkx-25ft-8qhj
2
vulnerability VCID-nmb8-wq4u-2ug7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@27.0.0.0rc1
aliases CVE-2026-33551, GHSA-4phw-6824-6cfp, PYSEC-2026-202
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-esad-mak2-8bg2
5
url VCID-fhme-n8v8-ybev
vulnerability_id VCID-fhme-n8v8-ybev
summary OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex (2012.1), allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly assigned to an open redirect issue, but the correct identifier for that issue is CVE-2012-3540.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3542.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3542.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3542
reference_id
reference_type
scores
0
value 0.01949
scoring_system epss
scoring_elements 0.83903
published_at 2026-06-12T12:55:00Z
1
value 0.01949
scoring_system epss
scoring_elements 0.83906
published_at 2026-06-14T12:55:00Z
2
value 0.01949
scoring_system epss
scoring_elements 0.8391
published_at 2026-06-13T12:55:00Z
3
value 0.01949
scoring_system epss
scoring_elements 0.83846
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3542
2
reference_url https://bugs.launchpad.net/keystone/+bug/1040626
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1040626
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3542
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3542
4
reference_url http://secunia.com/advisories/50467
reference_id
reference_type
scores
url http://secunia.com/advisories/50467
5
reference_url http://secunia.com/advisories/50494
reference_id
reference_type
scores
url http://secunia.com/advisories/50494
6
reference_url https://github.com/advisories/GHSA-gf2q-j2qq-pjf2
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gf2q-j2qq-pjf2
7
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
8
reference_url https://github.com/openstack/keystone/commit/5438d3b5a219d7c8fa67e66e538d325a61617155
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/5438d3b5a219d7c8fa67e66e538d325a61617155
9
reference_url https://github.com/openstack/keystone/commit/c13d0ba606f7b2bdc609a7f388334e5efec3f3aa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/c13d0ba606f7b2bdc609a7f388334e5efec3f3aa
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2012-19.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2012-19.yaml
11
reference_url https://lists.launchpad.net/openstack/msg16282.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg16282.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3542
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3542
13
reference_url https://web.archive.org/web/20121114023909/http://www.securityfocus.com/bid/55326
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121114023909/http://www.securityfocus.com/bid/55326
14
reference_url https://web.archive.org/web/20140802052724/http://secunia.com/advisories/50467
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140802052724/http://secunia.com/advisories/50467
15
reference_url https://web.archive.org/web/20140804204333/http://secunia.com/advisories/50494
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140804204333/http://secunia.com/advisories/50494
16
reference_url http://www.openwall.com/lists/oss-security/2012/08/30/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/08/30/6
17
reference_url http://www.securityfocus.com/bid/55326
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/55326
18
reference_url http://www.ubuntu.com/usn/USN-1552-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1552-1
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=852510
reference_id 852510
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=852510
20
reference_url https://access.redhat.com/errata/RHSA-2012:1378
reference_id RHSA-2012:1378
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1378
21
reference_url https://usn.ubuntu.com/1552-1/
reference_id USN-1552-1
reference_type
scores
url https://usn.ubuntu.com/1552-1/
fixed_packages
0
url pkg:pypi/keystone@2012.1
purl pkg:pypi/keystone@2012.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zztx-mnd6-3qgp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@2012.1
aliases CVE-2012-3542, GHSA-gf2q-j2qq-pjf2, PYSEC-2012-19
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhme-n8v8-ybev
6
url VCID-jc9x-jf2k-t3h9
vulnerability_id VCID-jc9x-jf2k-t3h9
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12689.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12689.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12689
reference_id
reference_type
scores
0
value 0.01066
scoring_system epss
scoring_elements 0.78179
published_at 2026-06-12T12:55:00Z
1
value 0.01066
scoring_system epss
scoring_elements 0.78111
published_at 2026-06-11T12:55:00Z
2
value 0.01066
scoring_system epss
scoring_elements 0.78187
published_at 2026-06-14T12:55:00Z
3
value 0.01066
scoring_system epss
scoring_elements 0.78192
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12689
2
reference_url https://bugs.launchpad.net/keystone/+bug/1872735
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1872735
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-chgw-36xv-47cw
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-chgw-36xv-47cw
9
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
10
reference_url https://github.com/openstack/keystone/commit/37e9907a176dad6843819b1bec4946c3aecc4548
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/37e9907a176dad6843819b1bec4946c3aecc4548
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-53.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-53.yaml
12
reference_url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12689
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12689
14
reference_url https://security.openstack.org/ossa/OSSA-2020-004.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-004.html
15
reference_url https://usn.ubuntu.com/4480-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4480-1
16
reference_url https://usn.ubuntu.com/4480-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4480-1/
17
reference_url https://www.openwall.com/lists/oss-security/2020/05/06/5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/05/06/5
18
reference_url http://www.openwall.com/lists/oss-security/2020/05/07/2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/05/07/2
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1830396
reference_id 1830396
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1830396
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
reference_id 959900
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
21
reference_url https://access.redhat.com/errata/RHSA-2020:2732
reference_id RHSA-2020:2732
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2732
22
reference_url https://access.redhat.com/errata/RHSA-2020:3096
reference_id RHSA-2020:3096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3096
23
reference_url https://access.redhat.com/errata/RHSA-2020:3102
reference_id RHSA-2020:3102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3102
24
reference_url https://access.redhat.com/errata/RHSA-2020:3105
reference_id RHSA-2020:3105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3105
fixed_packages
0
url pkg:pypi/keystone@15.0.1
purl pkg:pypi/keystone@15.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-kzaw-9ex3-s3d5
7
vulnerability VCID-ngkx-25ft-8qhj
8
vulnerability VCID-nmb8-wq4u-2ug7
9
vulnerability VCID-saua-gpf5-2uhk
10
vulnerability VCID-x7zb-y9a8-tygv
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.1
1
url pkg:pypi/keystone@16.0.1
purl pkg:pypi/keystone@16.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-bbem-sea4-3ub4
2
vulnerability VCID-c18s-qdf4-3kdh
3
vulnerability VCID-esad-mak2-8bg2
4
vulnerability VCID-fhme-n8v8-ybev
5
vulnerability VCID-kzaw-9ex3-s3d5
6
vulnerability VCID-ngkx-25ft-8qhj
7
vulnerability VCID-nmb8-wq4u-2ug7
8
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.1
aliases CVE-2020-12689, GHSA-chgw-36xv-47cw, PYSEC-2020-53
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc9x-jf2k-t3h9
7
url VCID-kzaw-9ex3-s3d5
vulnerability_id VCID-kzaw-9ex3-s3d5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3563.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.13003
published_at 2026-06-13T12:55:00Z
1
value 0.00041
scoring_system epss
scoring_elements 0.12898
published_at 2026-06-11T12:55:00Z
2
value 0.00041
scoring_system epss
scoring_elements 0.12982
published_at 2026-06-14T12:55:00Z
3
value 0.00041
scoring_system epss
scoring_elements 0.12993
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3563
2
reference_url https://bugs.launchpad.net/ossa/+bug/1901891
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1901891
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1962908
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3563
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
7
reference_url https://opendev.org/openstack/keystone
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone
8
reference_url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone/commit/7859ed26003858ebfd9a5e866b43f1a6a9e83dca
9
reference_url https://review.opendev.org/c/openstack/keystone/+/803641
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/803641
10
reference_url https://review.opendev.org/c/openstack/keystone/+/828595
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/828595
11
reference_url https://review.opendev.org/c/openstack/keystone/+/856489
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone/+/856489
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
reference_id 989998
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989998
13
reference_url https://security.archlinux.org/AVG-1979
reference_id AVG-1979
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1979
14
reference_url https://access.redhat.com/security/cve/CVE-2021-3563
reference_id CVE-2021-3563
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3563
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
reference_id CVE-2021-3563
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3563
16
reference_url https://security-tracker.debian.org/tracker/CVE-2021-3563
reference_id CVE-2021-3563
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2021-3563
17
reference_url https://github.com/advisories/GHSA-cc99-whm5-mmq3
reference_id GHSA-cc99-whm5-mmq3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cc99-whm5-mmq3
18
reference_url https://usn.ubuntu.com/7926-1/
reference_id USN-7926-1
reference_type
scores
url https://usn.ubuntu.com/7926-1/
fixed_packages
aliases CVE-2021-3563, GHSA-cc99-whm5-mmq3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzaw-9ex3-s3d5
8
url VCID-ngkx-25ft-8qhj
vulnerability_id VCID-ngkx-25ft-8qhj
summary An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credential for project A to create an EC2 credential targeting project B; a subsequent /v3/ec2tokens exchange would then issue a Keystone token scoped to project B while still carrying the original app_cred_id, enabling cross-project lateral movement within the credential owner's role footprint.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43001.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43001.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43001
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.0474
published_at 2026-06-11T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0708
published_at 2026-06-14T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.07087
published_at 2026-06-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.07093
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43001
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43001
reference_id
reference_type
scores
0
value 7.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43001
4
reference_url https://review.opendev.org/c/openstack/keystone
reference_id
reference_type
scores
0
value 7.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/keystone
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135645
reference_id 1135645
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135645
6
reference_url https://bugs.launchpad.net/keystone/+bug/2149775
reference_id 2149775
reference_type
scores
0
value 7.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T13:28:01Z/
url https://bugs.launchpad.net/keystone/+bug/2149775
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2464305
reference_id 2464305
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2464305
8
reference_url https://review.opendev.org/c/openstack/keystone/+/985804
reference_id 985804
reference_type
scores
0
value 7.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T13:28:01Z/
url https://review.opendev.org/c/openstack/keystone/+/985804
9
reference_url https://github.com/advisories/GHSA-hhq2-3832-xxcv
reference_id GHSA-hhq2-3832-xxcv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hhq2-3832-xxcv
10
reference_url https://security.openstack.org/ossa/OSSA-2026-015.html
reference_id OSSA-2026-015.html
reference_type
scores
0
value 7.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T13:28:01Z/
url https://security.openstack.org/ossa/OSSA-2026-015.html
fixed_packages
aliases CVE-2026-43001, GHSA-hhq2-3832-xxcv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngkx-25ft-8qhj
9
url VCID-nmb8-wq4u-2ug7
vulnerability_id VCID-nmb8-wq4u-2ug7
summary OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65073.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65073.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-65073
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09507
published_at 2026-06-12T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09454
published_at 2026-06-11T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.10264
published_at 2026-06-14T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.10281
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-65073
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65073
3
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
4
reference_url http://www.openwall.com/lists/oss-security/2025/11/17/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/11/17/6
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120053
reference_id 1120053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120053
6
reference_url https://www.openwall.com/lists/oss-security/2025/11/04/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-17T16:34:17Z/
url https://www.openwall.com/lists/oss-security/2025/11/04/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2415344
reference_id 2415344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2415344
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-65073
reference_id CVE-2025-65073
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-65073
9
reference_url https://github.com/advisories/GHSA-hcqg-5g63-7j9h
reference_id GHSA-hcqg-5g63-7j9h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hcqg-5g63-7j9h
10
reference_url https://access.redhat.com/errata/RHSA-2026:1958
reference_id RHSA-2026:1958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1958
11
reference_url https://usn.ubuntu.com/7926-1/
reference_id USN-7926-1
reference_type
scores
url https://usn.ubuntu.com/7926-1/
fixed_packages
0
url pkg:pypi/keystone@26.0.1
purl pkg:pypi/keystone@26.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@26.0.1
1
url pkg:pypi/keystone@27.0.0
purl pkg:pypi/keystone@27.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-ngkx-25ft-8qhj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@27.0.0
2
url pkg:pypi/keystone@28.0.0
purl pkg:pypi/keystone@28.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-ngkx-25ft-8qhj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@28.0.0
aliases CVE-2025-65073, GHSA-hcqg-5g63-7j9h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmb8-wq4u-2ug7
10
url VCID-nsx2-6bs2-7bcq
vulnerability_id VCID-nsx2-6bs2-7bcq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12691.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12691
reference_id
reference_type
scores
0
value 0.03566
scoring_system epss
scoring_elements 0.88038
published_at 2026-06-13T12:55:00Z
1
value 0.03566
scoring_system epss
scoring_elements 0.8799
published_at 2026-06-11T12:55:00Z
2
value 0.03566
scoring_system epss
scoring_elements 0.88037
published_at 2026-06-14T12:55:00Z
3
value 0.03566
scoring_system epss
scoring_elements 0.88031
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12691
2
reference_url https://bugs.launchpad.net/keystone/+bug/1872733
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1872733
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-4427-7f3w-mqv6
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4427-7f3w-mqv6
9
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
10
reference_url https://github.com/openstack/keystone/commit/37e9907a176dad6843819b1bec4946c3aecc4548
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/37e9907a176dad6843819b1bec4946c3aecc4548
11
reference_url https://github.com/openstack/keystone/commit/40cbb7bebd50276412daa1981ff5a7c7b3b899a5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/40cbb7bebd50276412daa1981ff5a7c7b3b899a5
12
reference_url https://github.com/openstack/keystone/commit/95b2bbeab113d9f04d1c81f7f1b48bf692bce979
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/95b2bbeab113d9f04d1c81f7f1b48bf692bce979
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-55.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-55.yaml
14
reference_url https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa@%3Ccommits.druid.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12691
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12691
17
reference_url https://security.openstack.org/ossa/OSSA-2020-004.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-004.html
18
reference_url https://usn.ubuntu.com/4480-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4480-1
19
reference_url https://usn.ubuntu.com/4480-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4480-1/
20
reference_url https://www.openwall.com/lists/oss-security/2020/05/06/5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/05/06/5
21
reference_url http://www.openwall.com/lists/oss-security/2020/05/07/2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/05/07/2
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1830384
reference_id 1830384
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1830384
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
reference_id 959900
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
24
reference_url https://access.redhat.com/errata/RHSA-2020:2732
reference_id RHSA-2020:2732
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2732
25
reference_url https://access.redhat.com/errata/RHSA-2020:3096
reference_id RHSA-2020:3096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3096
26
reference_url https://access.redhat.com/errata/RHSA-2020:3102
reference_id RHSA-2020:3102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3102
27
reference_url https://access.redhat.com/errata/RHSA-2020:3105
reference_id RHSA-2020:3105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3105
fixed_packages
0
url pkg:pypi/keystone@15.0.1
purl pkg:pypi/keystone@15.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-kzaw-9ex3-s3d5
7
vulnerability VCID-ngkx-25ft-8qhj
8
vulnerability VCID-nmb8-wq4u-2ug7
9
vulnerability VCID-saua-gpf5-2uhk
10
vulnerability VCID-x7zb-y9a8-tygv
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.1
1
url pkg:pypi/keystone@16.0.1
purl pkg:pypi/keystone@16.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-bbem-sea4-3ub4
2
vulnerability VCID-c18s-qdf4-3kdh
3
vulnerability VCID-esad-mak2-8bg2
4
vulnerability VCID-fhme-n8v8-ybev
5
vulnerability VCID-kzaw-9ex3-s3d5
6
vulnerability VCID-ngkx-25ft-8qhj
7
vulnerability VCID-nmb8-wq4u-2ug7
8
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.1
aliases CVE-2020-12691, GHSA-4427-7f3w-mqv6, PYSEC-2020-55
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nsx2-6bs2-7bcq
11
url VCID-p1m3-dt99-ruar
vulnerability_id VCID-p1m3-dt99-ruar
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20170
reference_id
reference_type
scores
0
value 0.00194
scoring_system epss
scoring_elements 0.41278
published_at 2026-06-11T12:55:00Z
1
value 0.00194
scoring_system epss
scoring_elements 0.41444
published_at 2026-06-12T12:55:00Z
2
value 0.00194
scoring_system epss
scoring_elements 0.41462
published_at 2026-06-13T12:55:00Z
3
value 0.00194
scoring_system epss
scoring_elements 0.41452
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20170
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://bugs.launchpad.net/keystone/+bug/1795800
reference_id 1795800
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-24T15:56:17Z/
url https://bugs.launchpad.net/keystone/+bug/1795800
fixed_packages
0
url pkg:pypi/keystone@14.1.0
purl pkg:pypi/keystone@14.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-jc9x-jf2k-t3h9
7
vulnerability VCID-kzaw-9ex3-s3d5
8
vulnerability VCID-ngkx-25ft-8qhj
9
vulnerability VCID-nmb8-wq4u-2ug7
10
vulnerability VCID-nsx2-6bs2-7bcq
11
vulnerability VCID-saua-gpf5-2uhk
12
vulnerability VCID-x7zb-y9a8-tygv
13
vulnerability VCID-xfds-wmnb-qkcj
14
vulnerability VCID-xr4p-a78v-9bb6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@14.1.0
aliases CVE-2018-20170, PYSEC-2018-9
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1m3-dt99-ruar
12
url VCID-saua-gpf5-2uhk
vulnerability_id VCID-saua-gpf5-2uhk
summary
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-May/000356.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-May/000356.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3646.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3646.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3646
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39169
published_at 2026-06-14T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.38981
published_at 2026-06-11T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39176
published_at 2026-06-13T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39153
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3646
3
reference_url https://bugs.launchpad.net/keystone/+bug/1443598
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1443598
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3646
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3646
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
7
reference_url https://web.archive.org/web/20210122154200/http://www.securityfocus.com/bid/74456
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210122154200/http://www.securityfocus.com/bid/74456
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1218640
reference_id 1218640
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1218640
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3646
reference_id CVE-2015-3646
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3646
10
reference_url https://github.com/advisories/GHSA-jwpw-ppj5-7h4w
reference_id GHSA-jwpw-ppj5-7h4w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jwpw-ppj5-7h4w
fixed_packages
0
url pkg:pypi/keystone@2014.1.5
purl pkg:pypi/keystone@2014.1.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@2014.1.5
1
url pkg:pypi/keystone@2014.2.4
purl pkg:pypi/keystone@2014.2.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@2014.2.4
aliases CVE-2015-3646, GHSA-jwpw-ppj5-7h4w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-saua-gpf5-2uhk
13
url VCID-x7zb-y9a8-tygv
vulnerability_id VCID-x7zb-y9a8-tygv
summary OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:4358
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4358
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19687.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19687.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19687
reference_id
reference_type
scores
0
value 0.00728
scoring_system epss
scoring_elements 0.7316
published_at 2026-06-12T12:55:00Z
1
value 0.00728
scoring_system epss
scoring_elements 0.73174
published_at 2026-06-14T12:55:00Z
2
value 0.00728
scoring_system epss
scoring_elements 0.73176
published_at 2026-06-13T12:55:00Z
3
value 0.00728
scoring_system epss
scoring_elements 0.73083
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19687
3
reference_url https://bugs.launchpad.net/keystone/+bug/1855080
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1855080
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19687
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19687
5
reference_url https://github.com/advisories/GHSA-2j23-fwqm-mgwr
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2j23-fwqm-mgwr
6
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
7
reference_url https://github.com/openstack/keystone/commit/17947516b0095c51da5cff94771247f2e7c44ee6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/17947516b0095c51da5cff94771247f2e7c44ee6
8
reference_url https://github.com/openstack/keystone/commit/17c337dbdbfb9d548ad531c2ad0483c9bce5b98f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/17c337dbdbfb9d548ad531c2ad0483c9bce5b98f
9
reference_url https://github.com/openstack/keystone/commit/bd3f63787151183f4daa43578aa491856fefae5b
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone/commit/bd3f63787151183f4daa43578aa491856fefae5b
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2019-29.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2019-29.yaml
11
reference_url https://git.openstack.org/cgit/openstack/keystone/commit/?id=17947516b0095c51da5cff94771247f2e7c44ee6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openstack.org/cgit/openstack/keystone/commit/?id=17947516b0095c51da5cff94771247f2e7c44ee6
12
reference_url https://git.openstack.org/cgit/openstack/keystone/commit/?id=17c337dbdbfb9d548ad531c2ad0483c9bce5b98f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openstack.org/cgit/openstack/keystone/commit/?id=17c337dbdbfb9d548ad531c2ad0483c9bce5b98f
13
reference_url https://git.openstack.org/cgit/openstack/keystone/commit/?id=bd3f63787151183f4daa43578aa491856fefae5b
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openstack.org/cgit/openstack/keystone/commit/?id=bd3f63787151183f4daa43578aa491856fefae5b
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19687
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19687
15
reference_url https://review.opendev.org/#/c/697355
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/#/c/697355
16
reference_url https://review.opendev.org/#/c/697355/
reference_id
reference_type
scores
url https://review.opendev.org/#/c/697355/
17
reference_url https://review.opendev.org/#/c/697611
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/#/c/697611
18
reference_url https://review.opendev.org/#/c/697611/
reference_id
reference_type
scores
url https://review.opendev.org/#/c/697611/
19
reference_url https://review.opendev.org/#/c/697731
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/#/c/697731
20
reference_url https://review.opendev.org/#/c/697731/
reference_id
reference_type
scores
url https://review.opendev.org/#/c/697731/
21
reference_url https://security.openstack.org/ossa/OSSA-2019-006.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2019-006.html
22
reference_url https://usn.ubuntu.com/4262-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4262-1
23
reference_url https://usn.ubuntu.com/4262-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4262-1/
24
reference_url http://www.openwall.com/lists/oss-security/2019/12/11/8
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/12/11/8
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781470
reference_id 1781470
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1781470
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946614
reference_id 946614
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946614
fixed_packages
0
url pkg:pypi/keystone@15.0.1
purl pkg:pypi/keystone@15.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-kzaw-9ex3-s3d5
7
vulnerability VCID-ngkx-25ft-8qhj
8
vulnerability VCID-nmb8-wq4u-2ug7
9
vulnerability VCID-saua-gpf5-2uhk
10
vulnerability VCID-x7zb-y9a8-tygv
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.1
1
url pkg:pypi/keystone@16.0.1
purl pkg:pypi/keystone@16.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-bbem-sea4-3ub4
2
vulnerability VCID-c18s-qdf4-3kdh
3
vulnerability VCID-esad-mak2-8bg2
4
vulnerability VCID-fhme-n8v8-ybev
5
vulnerability VCID-kzaw-9ex3-s3d5
6
vulnerability VCID-ngkx-25ft-8qhj
7
vulnerability VCID-nmb8-wq4u-2ug7
8
vulnerability VCID-saua-gpf5-2uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.1
aliases CVE-2019-19687, GHSA-2j23-fwqm-mgwr, PYSEC-2019-29
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x7zb-y9a8-tygv
14
url VCID-xfds-wmnb-qkcj
vulnerability_id VCID-xfds-wmnb-qkcj
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12692.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12692
reference_id
reference_type
scores
0
value 0.0014
scoring_system epss
scoring_elements 0.34084
published_at 2026-06-12T12:55:00Z
1
value 0.0014
scoring_system epss
scoring_elements 0.33907
published_at 2026-06-11T12:55:00Z
2
value 0.0014
scoring_system epss
scoring_elements 0.34087
published_at 2026-06-14T12:55:00Z
3
value 0.0014
scoring_system epss
scoring_elements 0.34109
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12692
2
reference_url https://bugs.launchpad.net/keystone/+bug/1872737
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1872737
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-rqw2-hhrf-7936
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rqw2-hhrf-7936
9
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-56.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-56.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12692
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12692
12
reference_url https://opendev.org/openstack/keystone/commit/ab89ea749013e7f2c46260f68504f5687763e019
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/keystone/commit/ab89ea749013e7f2c46260f68504f5687763e019
13
reference_url https://security.openstack.org/ossa/OSSA-2020-003.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-003.html
14
reference_url https://usn.ubuntu.com/4480-1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4480-1
15
reference_url https://usn.ubuntu.com/4480-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4480-1/
16
reference_url https://www.openwall.com/lists/oss-security/2020/05/06/4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/05/06/4
17
reference_url http://www.openwall.com/lists/oss-security/2020/05/07/1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/05/07/1
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1833164
reference_id 1833164
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1833164
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
reference_id 959900
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
20
reference_url https://access.redhat.com/errata/RHSA-2020:2732
reference_id RHSA-2020:2732
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2732
21
reference_url https://access.redhat.com/errata/RHSA-2020:3102
reference_id RHSA-2020:3102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3102
22
reference_url https://access.redhat.com/errata/RHSA-2020:3105
reference_id RHSA-2020:3105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3105
fixed_packages
0
url pkg:pypi/keystone@15.0.1
purl pkg:pypi/keystone@15.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-kzaw-9ex3-s3d5
7
vulnerability VCID-ngkx-25ft-8qhj
8
vulnerability VCID-nmb8-wq4u-2ug7
9
vulnerability VCID-saua-gpf5-2uhk
10
vulnerability VCID-x7zb-y9a8-tygv
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.1
1
url pkg:pypi/keystone@16.0.0
purl pkg:pypi/keystone@16.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-jc9x-jf2k-t3h9
7
vulnerability VCID-kzaw-9ex3-s3d5
8
vulnerability VCID-ngkx-25ft-8qhj
9
vulnerability VCID-nmb8-wq4u-2ug7
10
vulnerability VCID-nsx2-6bs2-7bcq
11
vulnerability VCID-saua-gpf5-2uhk
12
vulnerability VCID-x7zb-y9a8-tygv
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.0
aliases CVE-2020-12692, GHSA-rqw2-hhrf-7936, PYSEC-2020-56
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfds-wmnb-qkcj
15
url VCID-xr4p-a78v-9bb6
vulnerability_id VCID-xr4p-a78v-9bb6
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12690.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12690
reference_id
reference_type
scores
0
value 0.00817
scoring_system epss
scoring_elements 0.74846
published_at 2026-06-12T12:55:00Z
1
value 0.00817
scoring_system epss
scoring_elements 0.74775
published_at 2026-06-11T12:55:00Z
2
value 0.00817
scoring_system epss
scoring_elements 0.74855
published_at 2026-06-14T12:55:00Z
3
value 0.00817
scoring_system epss
scoring_elements 0.74859
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12690
2
reference_url https://bugs.launchpad.net/keystone/+bug/1873290
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1873290
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-6m8p-x4qw-gh5j
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6m8p-x4qw-gh5j
9
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-54.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-54.yaml
11
reference_url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12690
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12690
13
reference_url https://security.openstack.org/ossa/OSSA-2020-005.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-005.html
14
reference_url https://usn.ubuntu.com/4480-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4480-1
15
reference_url https://usn.ubuntu.com/4480-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4480-1/
16
reference_url https://www.openwall.com/lists/oss-security/2020/05/06/6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/05/06/6
17
reference_url http://www.openwall.com/lists/oss-security/2020/05/07/3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/05/07/3
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1830395
reference_id 1830395
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1830395
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
reference_id 959900
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
20
reference_url https://access.redhat.com/errata/RHSA-2020:3102
reference_id RHSA-2020:3102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3102
21
reference_url https://access.redhat.com/errata/RHSA-2020:3105
reference_id RHSA-2020:3105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3105
fixed_packages
0
url pkg:pypi/keystone@15.0.1
purl pkg:pypi/keystone@15.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-kzaw-9ex3-s3d5
7
vulnerability VCID-ngkx-25ft-8qhj
8
vulnerability VCID-nmb8-wq4u-2ug7
9
vulnerability VCID-saua-gpf5-2uhk
10
vulnerability VCID-x7zb-y9a8-tygv
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.1
1
url pkg:pypi/keystone@16.0.0
purl pkg:pypi/keystone@16.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3umd-756n-qqbx
1
vulnerability VCID-91cc-hzfb-3kek
2
vulnerability VCID-bbem-sea4-3ub4
3
vulnerability VCID-c18s-qdf4-3kdh
4
vulnerability VCID-esad-mak2-8bg2
5
vulnerability VCID-fhme-n8v8-ybev
6
vulnerability VCID-jc9x-jf2k-t3h9
7
vulnerability VCID-kzaw-9ex3-s3d5
8
vulnerability VCID-ngkx-25ft-8qhj
9
vulnerability VCID-nmb8-wq4u-2ug7
10
vulnerability VCID-nsx2-6bs2-7bcq
11
vulnerability VCID-saua-gpf5-2uhk
12
vulnerability VCID-x7zb-y9a8-tygv
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.0
aliases CVE-2020-12690, GHSA-6m8p-x4qw-gh5j, PYSEC-2020-54
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xr4p-a78v-9bb6
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/keystone@14.0.0