Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/926230?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/926230?format=api", "purl": "pkg:deb/debian/keystone@2013.1.1-2?distro=trixie", "type": "deb", "namespace": "debian", "name": "keystone", "version": "2013.1.1-2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2013.1.2-1", "latest_non_vulnerable_version": "2:29.0.1-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5378?format=api", "vulnerability_id": "VCID-44u3-6h7t-dbah", "summary": "The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, related to an \"interaction between eventlet and python-memcached.\"", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0382.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0382.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0409.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0409.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0105.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0105.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58937", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58819", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58916", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58883", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58959", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58922", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58957", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58921", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0105" }, { "reference_url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1282865", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1282865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0105", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0105" }, { "reference_url": "https://github.com/openstack/python-keystoneclient", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-70.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-70.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0105", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0105" }, { "reference_url": "https://review.opendev.org/c/openstack/python-keystoneclient/+/81078", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://review.opendev.org/c/openstack/python-keystoneclient/+/81078" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/03/27/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/03/27/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082165", "reference_id": "1082165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082165" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742898", "reference_id": "742898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742898" }, { "reference_url": "https://github.com/advisories/GHSA-gwvq-rgqf-993f", "reference_id": "GHSA-gwvq-rgqf-993f", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gwvq-rgqf-993f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0382", "reference_id": "RHSA-2014:0382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0409", "reference_id": "RHSA-2014:0409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0442", "reference_id": "RHSA-2014:0442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0442" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926230?format=api", "purl": "pkg:deb/debian/keystone@2013.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2013.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926220?format=api", "purl": "pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:18.0.0-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926218?format=api", "purl": "pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926222?format=api", "purl": "pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926221?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062481?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066830?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067557?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0105", "GHSA-gwvq-rgqf-993f", "PYSEC-2014-70" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44u3-6h7t-dbah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14483?format=api", "vulnerability_id": "VCID-8bat-qwmh-fyer", "summary": "OpenStack Identity (Keystone) Denial of Service\nOpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-July/111914.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-July/111914.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.85013", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84968", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84966", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84962", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84983", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84984", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84981", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.85007", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.85014", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84884", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.849", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84918", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84946", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02372", "scoring_system": "epss", "scoring_elements": "0.84952", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2014" }, { "reference_url": "https://bugs.launchpad.net/keystone/+bug/1098177", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/keystone/+bug/1098177" }, { "reference_url": "https://bugs.launchpad.net/keystone/+bug/1099025", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/keystone/+bug/1099025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2014" }, { "reference_url": "http://secunia.com/advisories/53397", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/53397" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84347", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84347" }, { "reference_url": "https://github.com/openstack/keystone/commit/7691276b869a86c2b75631d5bede9f61e030d9d8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/7691276b869a86c2b75631d5bede9f61e030d9d8" }, { "reference_url": "http://www.securityfocus.com/bid/59936", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/59936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708515", "reference_id": "708515", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708515" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2014", "reference_id": "CVE-2013-2014", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2014" }, { "reference_url": "https://github.com/advisories/GHSA-7332-36h8-8jh8", "reference_id": "GHSA-7332-36h8-8jh8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7332-36h8-8jh8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926230?format=api", "purl": "pkg:deb/debian/keystone@2013.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2013.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926220?format=api", "purl": "pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:18.0.0-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926218?format=api", "purl": "pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926222?format=api", "purl": "pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926221?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062481?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066830?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067557?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2014", "GHSA-7332-36h8-8jh8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8bat-qwmh-fyer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5316?format=api", "vulnerability_id": "VCID-cg74-2jr1-2fhp", "summary": "OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106220.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106220.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00085.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00085.html" }, { "reference_url": "http://osvdb.org/93134", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/93134" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75707", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75851", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.7584", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.7583", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75791", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75806", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.7577", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75789", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75764", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75753", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75719", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.7574", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75709", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2059" }, { "reference_url": "https://bugs.launchpad.net/keystone/+bug/1166670", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/keystone/+bug/1166670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2059" }, { "reference_url": "http://secunia.com/advisories/53326", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/53326" }, { "reference_url": "http://secunia.com/advisories/53339", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/53339" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84135", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84135" }, { "reference_url": "https://github.com/openstack/keystone", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone" }, { "reference_url": "https://github.com/openstack/keystone/commit/33214f311aa36b17f8f5ff06bee2130bf061df8f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/33214f311aa36b17f8f5ff06bee2130bf061df8f" }, { "reference_url": "https://github.com/openstack/keystone/commit/678b06a91f772d6be82eb54ed11f27e20f446b57", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/678b06a91f772d6be82eb54ed11f27e20f446b57" }, { "reference_url": "https://github.com/openstack/keystone/commit/992466d1dbf80a940190703dedf800d6d12dede8", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/992466d1dbf80a940190703dedf800d6d12dede8" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-41.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-41.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2059", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2059" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/05/09/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/05/09/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/05/09/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/05/09/4" }, { "reference_url": "http://www.securityfocus.com/bid/59787", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/59787" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707598", "reference_id": "707598", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707598" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2012.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystone:2012.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2012.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystone:2013.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-hj89-qmx9-8qmh", "reference_id": "GHSA-hj89-qmx9-8qmh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hj89-qmx9-8qmh" }, { "reference_url": "https://usn.ubuntu.com/1830-1/", "reference_id": "USN-1830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1830-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926230?format=api", "purl": "pkg:deb/debian/keystone@2013.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2013.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926220?format=api", "purl": "pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:18.0.0-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926218?format=api", "purl": "pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926222?format=api", "purl": "pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926221?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062481?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066830?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067557?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2059", "GHSA-hj89-qmx9-8qmh", "PYSEC-2013-41" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cg74-2jr1-2fhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14333?format=api", "vulnerability_id": "VCID-qmyj-ffvg-tbe8", "summary": "OpenStack Keystone Denial of Service vulnerability via a large HTTP request\nOpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0708.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0708.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0270.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01809", "scoring_system": "epss", "scoring_elements": "0.82778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01809", "scoring_system": "epss", "scoring_elements": "0.82792", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01809", "scoring_system": "epss", "scoring_elements": "0.82762", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85892", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85808", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85851", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85848", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85844", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85862", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85867", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85859", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.85882", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02681", "scoring_system": "epss", "scoring_elements": "0.8589", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0270" }, { "reference_url": "https://bugs.launchpad.net/keystone/+bug/1099025", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/keystone/+bug/1099025" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=909012", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=909012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0270" }, { "reference_url": "https://github.com/openstack/keystone/commit/7691276b869a86c2b75631d5bede9f61e030d9d8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/7691276b869a86c2b75631d5bede9f61e030d9d8" }, { "reference_url": "https://github.com/openstack/keystone/commit/82c87e5638ebaf9f166a9b07a0155291276d6fdc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/82c87e5638ebaf9f166a9b07a0155291276d6fdc" }, { "reference_url": "https://launchpad.net/keystone/grizzly/2013.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://launchpad.net/keystone/grizzly/2013.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:milestone1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystone:2013.1:milestone1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:milestone1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:milestone2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystone:2013.1:milestone2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:milestone2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:milestone3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystone:2013.1:milestone3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1:milestone3:*:*:*:*:*:*" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-0270", "reference_id": "CVE-2013-0270", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-0270" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0270", "reference_id": "CVE-2013-0270", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0270" }, { "reference_url": "https://github.com/advisories/GHSA-4ppj-4p4v-jf4p", "reference_id": "GHSA-4ppj-4p4v-jf4p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4ppj-4p4v-jf4p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926230?format=api", "purl": "pkg:deb/debian/keystone@2013.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2013.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926220?format=api", "purl": "pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:18.0.0-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926218?format=api", "purl": "pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926222?format=api", "purl": "pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926221?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062481?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066830?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067557?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0270", "GHSA-4ppj-4p4v-jf4p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmyj-ffvg-tbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5315?format=api", "vulnerability_id": "VCID-snpz-wwd6-dkb6", "summary": "OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106220.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106220.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0806.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0806.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2006.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11788", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11707", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11791", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11843", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11653", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11624", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11702", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11742", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11758", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11773", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11876", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2006" }, { "reference_url": "https://bugs.launchpad.net/keystone/+bug/1172195", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/keystone/+bug/1172195" }, { "reference_url": "https://bugs.launchpad.net/ossn/+bug/1168252", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/ossn/+bug/1168252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2006" }, { "reference_url": "https://github.com/openstack/keystone", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone" }, { "reference_url": "https://github.com/openstack/keystone/commit/c5037dd6b82909efaaa8720e8cfa8bdb8b4a0edd", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/c5037dd6b82909efaaa8720e8cfa8bdb8b4a0edd" }, { "reference_url": "https://github.com/openstack/keystone/commit/d43e2a51a1ed7adbed3c5ddf001d46bc4a824ae8", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/keystone/commit/d43e2a51a1ed7adbed3c5ddf001d46bc4a824ae8" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-40.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-40.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2006", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2006" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/04/24/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/04/24/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/04/24/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/04/24/2" }, { "reference_url": "http://www.securityfocus.com/bid/59411", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/59411" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=956007", "reference_id": "956007", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=956007" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystone:2013.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystone:2013.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-rxrm-xvp4-jqvh", "reference_id": "GHSA-rxrm-xvp4-jqvh", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rxrm-xvp4-jqvh" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0806", "reference_id": "RHSA-2013:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0806" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926230?format=api", "purl": "pkg:deb/debian/keystone@2013.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2013.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926220?format=api", "purl": "pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:18.0.0-3%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926218?format=api", "purl": "pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-93vc-hgec-nfe6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926222?format=api", "purl": "pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6wj2-abbb-xqf6" }, { "vulnerability": "VCID-z3vj-se4e-hbgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926221?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062481?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066830?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067557?format=api", "purl": "pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2006", "GHSA-rxrm-xvp4-jqvh", "PYSEC-2013-40" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snpz-wwd6-dkb6" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2013.1.1-2%3Fdistro=trixie" }