Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-nkpc-cb73-47ez
SummaryThe s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.
Aliases
0
alias CVE-2015-1852
1
alias PYSEC-2015-30
2
alias PYSEC-2015-31
Fixed_packages
0
url pkg:pypi/keystonemiddleware@1.6.0
purl pkg:pypi/keystonemiddleware@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.6.0
1
url pkg:pypi/python-keystoneclient@1.4.0
purl pkg:pypi/python-keystoneclient@1.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.4.0
Affected_packages
0
url pkg:pypi/keystonemiddleware@0
purl pkg:pypi/keystonemiddleware@0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-j99r-n3ep-p3dg
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@0
1
url pkg:pypi/keystonemiddleware@1.0.0
purl pkg:pypi/keystonemiddleware@1.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-j99r-n3ep-p3dg
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.0.0
2
url pkg:pypi/keystonemiddleware@1.1.0
purl pkg:pypi/keystonemiddleware@1.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-j99r-n3ep-p3dg
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.1.0
3
url pkg:pypi/keystonemiddleware@1.1.1
purl pkg:pypi/keystonemiddleware@1.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-j99r-n3ep-p3dg
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.1.1
4
url pkg:pypi/keystonemiddleware@1.2.0
purl pkg:pypi/keystonemiddleware@1.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.2.0
5
url pkg:pypi/keystonemiddleware@1.3.0
purl pkg:pypi/keystonemiddleware@1.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.3.0
6
url pkg:pypi/keystonemiddleware@1.3.1
purl pkg:pypi/keystonemiddleware@1.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.3.1
7
url pkg:pypi/keystonemiddleware@1.3.2
purl pkg:pypi/keystonemiddleware@1.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.3.2
8
url pkg:pypi/keystonemiddleware@1.4.0
purl pkg:pypi/keystonemiddleware@1.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.4.0
9
url pkg:pypi/keystonemiddleware@1.5.0
purl pkg:pypi/keystonemiddleware@1.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.5.0
10
url pkg:pypi/keystonemiddleware@1.5.1
purl pkg:pypi/keystonemiddleware@1.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.5.1
11
url pkg:pypi/keystonemiddleware@1.5.2
purl pkg:pypi/keystonemiddleware@1.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.5.2
12
url pkg:pypi/keystonemiddleware@1.5.3
purl pkg:pypi/keystonemiddleware@1.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j99r-n3ep-p3dg
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystonemiddleware@1.5.3
13
url pkg:pypi/python-keystoneclient@0.1.1
purl pkg:pypi/python-keystoneclient@0.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
3
vulnerability VCID-tp6c-xf5e-xkah
4
vulnerability VCID-wudn-x7h6-7ffs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.1.1
14
url pkg:pypi/python-keystoneclient@0.1.2
purl pkg:pypi/python-keystoneclient@0.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
3
vulnerability VCID-tp6c-xf5e-xkah
4
vulnerability VCID-wudn-x7h6-7ffs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.1.2
15
url pkg:pypi/python-keystoneclient@0.1.3
purl pkg:pypi/python-keystoneclient@0.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
3
vulnerability VCID-tp6c-xf5e-xkah
4
vulnerability VCID-wudn-x7h6-7ffs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.1.3
16
url pkg:pypi/python-keystoneclient@0.2.0
purl pkg:pypi/python-keystoneclient@0.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
3
vulnerability VCID-tp6c-xf5e-xkah
4
vulnerability VCID-wudn-x7h6-7ffs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.0
17
url pkg:pypi/python-keystoneclient@0.2.1
purl pkg:pypi/python-keystoneclient@0.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
3
vulnerability VCID-tp6c-xf5e-xkah
4
vulnerability VCID-wudn-x7h6-7ffs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.1
18
url pkg:pypi/python-keystoneclient@0.2.2
purl pkg:pypi/python-keystoneclient@0.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
3
vulnerability VCID-tp6c-xf5e-xkah
4
vulnerability VCID-wudn-x7h6-7ffs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.2
19
url pkg:pypi/python-keystoneclient@0.2.3
purl pkg:pypi/python-keystoneclient@0.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-93qq-6jdh-h3fg
2
vulnerability VCID-amgw-7mt1-43dn
3
vulnerability VCID-e4fe-13v1-97e4
4
vulnerability VCID-nkpc-cb73-47ez
5
vulnerability VCID-tp6c-xf5e-xkah
6
vulnerability VCID-wudn-x7h6-7ffs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.3
20
url pkg:pypi/python-keystoneclient@0.2.4
purl pkg:pypi/python-keystoneclient@0.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-93qq-6jdh-h3fg
2
vulnerability VCID-amgw-7mt1-43dn
3
vulnerability VCID-e4fe-13v1-97e4
4
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.4
21
url pkg:pypi/python-keystoneclient@0.2.5
purl pkg:pypi/python-keystoneclient@0.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-93qq-6jdh-h3fg
2
vulnerability VCID-amgw-7mt1-43dn
3
vulnerability VCID-e4fe-13v1-97e4
4
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.2.5
22
url pkg:pypi/python-keystoneclient@0.3.0
purl pkg:pypi/python-keystoneclient@0.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.3.0
23
url pkg:pypi/python-keystoneclient@0.3.1
purl pkg:pypi/python-keystoneclient@0.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.3.1
24
url pkg:pypi/python-keystoneclient@0.3.2
purl pkg:pypi/python-keystoneclient@0.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.3.2
25
url pkg:pypi/python-keystoneclient@0.4.0
purl pkg:pypi/python-keystoneclient@0.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.4.0
26
url pkg:pypi/python-keystoneclient@0.4.1
purl pkg:pypi/python-keystoneclient@0.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.4.1
27
url pkg:pypi/python-keystoneclient@0.4.2
purl pkg:pypi/python-keystoneclient@0.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.4.2
28
url pkg:pypi/python-keystoneclient@0.5.0
purl pkg:pypi/python-keystoneclient@0.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.5.0
29
url pkg:pypi/python-keystoneclient@0.5.1
purl pkg:pypi/python-keystoneclient@0.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.5.1
30
url pkg:pypi/python-keystoneclient@0.6.0
purl pkg:pypi/python-keystoneclient@0.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7n2d-dh67-z7bv
1
vulnerability VCID-e4fe-13v1-97e4
2
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.6.0
31
url pkg:pypi/python-keystoneclient@0.7.0
purl pkg:pypi/python-keystoneclient@0.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.7.0
32
url pkg:pypi/python-keystoneclient@0.7.1
purl pkg:pypi/python-keystoneclient@0.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.7.1
33
url pkg:pypi/python-keystoneclient@0.8.0
purl pkg:pypi/python-keystoneclient@0.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.8.0
34
url pkg:pypi/python-keystoneclient@0.9.0
purl pkg:pypi/python-keystoneclient@0.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.9.0
35
url pkg:pypi/python-keystoneclient@0.10.0
purl pkg:pypi/python-keystoneclient@0.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.10.0
36
url pkg:pypi/python-keystoneclient@0.10.1
purl pkg:pypi/python-keystoneclient@0.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.10.1
37
url pkg:pypi/python-keystoneclient@0.11.0
purl pkg:pypi/python-keystoneclient@0.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.11.0
38
url pkg:pypi/python-keystoneclient@0.11.1
purl pkg:pypi/python-keystoneclient@0.11.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.11.1
39
url pkg:pypi/python-keystoneclient@0.11.2
purl pkg:pypi/python-keystoneclient@0.11.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@0.11.2
40
url pkg:pypi/python-keystoneclient@1.0.0
purl pkg:pypi/python-keystoneclient@1.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.0.0
41
url pkg:pypi/python-keystoneclient@1.1.0
purl pkg:pypi/python-keystoneclient@1.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.1.0
42
url pkg:pypi/python-keystoneclient@1.1.1
purl pkg:pypi/python-keystoneclient@1.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e4fe-13v1-97e4
1
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.1.1
43
url pkg:pypi/python-keystoneclient@1.2.0
purl pkg:pypi/python-keystoneclient@1.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.2.0
44
url pkg:pypi/python-keystoneclient@1.3.0
purl pkg:pypi/python-keystoneclient@1.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.3.0
45
url pkg:pypi/python-keystoneclient@1.3.1
purl pkg:pypi/python-keystoneclient@1.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.3.1
46
url pkg:pypi/python-keystoneclient@1.3.2
purl pkg:pypi/python-keystoneclient@1.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.3.2
47
url pkg:pypi/python-keystoneclient@1.3.3
purl pkg:pypi/python-keystoneclient@1.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.3.3
48
url pkg:pypi/python-keystoneclient@1.3.4
purl pkg:pypi/python-keystoneclient@1.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nkpc-cb73-47ez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/python-keystoneclient@1.3.4
References
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-April/000350.html
reference_id
reference_type
scores
url http://lists.openstack.org/pipermail/openstack-announce/2015-April/000350.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1677.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-1677.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-1685.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-1685.html
3
reference_url https://bugs.launchpad.net/keystonemiddleware/+bug/1411063
reference_id
reference_type
scores
url https://bugs.launchpad.net/keystonemiddleware/+bug/1411063
4
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
5
reference_url http://www.securityfocus.com/bid/74187
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/74187
6
reference_url http://www.ubuntu.com/usn/USN-2705-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2705-1
Weaknesses
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-nkpc-cb73-47ez