Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-w6e4-zd31-g7hu
SummaryAn issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
Aliases
0
alias CVE-2020-12690
1
alias GHSA-6m8p-x4qw-gh5j
2
alias PYSEC-2020-54
Fixed_packages
0
url pkg:deb/debian/keystone@2:14.2.0-0%2Bdeb10u1
purl pkg:deb/debian/keystone@2:14.2.0-0%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gdk6-a746-6fac
1
vulnerability VCID-p5un-b12x-tuh5
2
vulnerability VCID-qyjh-md45-hyhh
3
vulnerability VCID-r25g-be38-b3be
4
vulnerability VCID-rgkw-6ews-rked
5
vulnerability VCID-w6e4-zd31-g7hu
6
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:14.2.0-0%252Bdeb10u1
1
url pkg:deb/debian/keystone@2:17.0.0~rc2-1?distro=trixie
purl pkg:deb/debian/keystone@2:17.0.0~rc2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:17.0.0~rc2-1%3Fdistro=trixie
2
url pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
1
vulnerability VCID-93vc-hgec-nfe6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:18.0.0-3%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1
purl pkg:deb/debian/keystone@2:18.0.0-3%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
1
vulnerability VCID-93vc-hgec-nfe6
2
vulnerability VCID-r25g-be38-b3be
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:18.0.0-3%252Bdeb11u1
4
url pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/keystone@2:22.0.2-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
1
vulnerability VCID-93vc-hgec-nfe6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:22.0.2-0%252Bdeb12u1%3Fdistro=trixie
5
url pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/keystone@2:27.0.0-3%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wj2-abbb-xqf6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:27.0.0-3%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-1%3Fdistro=trixie
7
url pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-2%3Fdistro=trixie
8
url pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.0-3%3Fdistro=trixie
9
url pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie
purl pkg:deb/debian/keystone@2:29.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:29.0.1-1%3Fdistro=trixie
10
url pkg:pypi/keystone@15.0.1
purl pkg:pypi/keystone@15.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-r25g-be38-b3be
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.1
11
url pkg:pypi/keystone@16.0.0
purl pkg:pypi/keystone@16.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-qyjh-md45-hyhh
8
vulnerability VCID-r25g-be38-b3be
9
vulnerability VCID-rgkw-6ews-rked
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.0
Affected_packages
0
url pkg:deb/debian/keystone@2012.1.1-13%2Bwheezy1
purl pkg:deb/debian/keystone@2012.1.1-13%2Bwheezy1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-44u3-6h7t-dbah
1
vulnerability VCID-5atx-veu5-kud6
2
vulnerability VCID-655y-mj8k-dbb2
3
vulnerability VCID-6cy4-grme-mka1
4
vulnerability VCID-844e-r6mn-bqh5
5
vulnerability VCID-8bat-qwmh-fyer
6
vulnerability VCID-8tkd-pcuy-d7ax
7
vulnerability VCID-91k2-z5s1-gbbx
8
vulnerability VCID-96bg-ytf8-9fhd
9
vulnerability VCID-9dhg-r711-yfg6
10
vulnerability VCID-am2m-2fgu-xkfk
11
vulnerability VCID-cg74-2jr1-2fhp
12
vulnerability VCID-gdk6-a746-6fac
13
vulnerability VCID-h1xa-f7tm-tudx
14
vulnerability VCID-hjrj-k1wk-jbha
15
vulnerability VCID-ksj4-14rq-uyb7
16
vulnerability VCID-my7j-6x5y-97a1
17
vulnerability VCID-p5un-b12x-tuh5
18
vulnerability VCID-qdd1-jvk8-73hd
19
vulnerability VCID-qmyj-ffvg-tbe8
20
vulnerability VCID-qyjh-md45-hyhh
21
vulnerability VCID-r25g-be38-b3be
22
vulnerability VCID-rgkw-6ews-rked
23
vulnerability VCID-s3gc-cxxf-63ed
24
vulnerability VCID-s5ab-apmg-dqd9
25
vulnerability VCID-snpz-wwd6-dkb6
26
vulnerability VCID-t2ap-zxfa-fkhe
27
vulnerability VCID-uexc-7rt7-hbgx
28
vulnerability VCID-w6e4-zd31-g7hu
29
vulnerability VCID-wc5s-25xb-rqaa
30
vulnerability VCID-wm8s-rmkk-mugb
31
vulnerability VCID-ztee-sxym-zffv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2012.1.1-13%252Bwheezy1
1
url pkg:deb/debian/keystone@2014.1.3-6
purl pkg:deb/debian/keystone@2014.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-844e-r6mn-bqh5
1
vulnerability VCID-96bg-ytf8-9fhd
2
vulnerability VCID-9dhg-r711-yfg6
3
vulnerability VCID-gdk6-a746-6fac
4
vulnerability VCID-p5un-b12x-tuh5
5
vulnerability VCID-qyjh-md45-hyhh
6
vulnerability VCID-r25g-be38-b3be
7
vulnerability VCID-rgkw-6ews-rked
8
vulnerability VCID-t2ap-zxfa-fkhe
9
vulnerability VCID-w6e4-zd31-g7hu
10
vulnerability VCID-wc5s-25xb-rqaa
11
vulnerability VCID-ztee-sxym-zffv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2014.1.3-6
2
url pkg:deb/debian/keystone@2:9.0.0-2~bpo8%2B1
purl pkg:deb/debian/keystone@2:9.0.0-2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96bg-ytf8-9fhd
1
vulnerability VCID-gdk6-a746-6fac
2
vulnerability VCID-p5un-b12x-tuh5
3
vulnerability VCID-qyjh-md45-hyhh
4
vulnerability VCID-r25g-be38-b3be
5
vulnerability VCID-rgkw-6ews-rked
6
vulnerability VCID-t2ap-zxfa-fkhe
7
vulnerability VCID-w6e4-zd31-g7hu
8
vulnerability VCID-wc5s-25xb-rqaa
9
vulnerability VCID-ztee-sxym-zffv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:9.0.0-2~bpo8%252B1
3
url pkg:deb/debian/keystone@2:10.0.0-9%2Bdeb9u1
purl pkg:deb/debian/keystone@2:10.0.0-9%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gdk6-a746-6fac
1
vulnerability VCID-p5un-b12x-tuh5
2
vulnerability VCID-qyjh-md45-hyhh
3
vulnerability VCID-r25g-be38-b3be
4
vulnerability VCID-rgkw-6ews-rked
5
vulnerability VCID-w6e4-zd31-g7hu
6
vulnerability VCID-wc5s-25xb-rqaa
7
vulnerability VCID-ztee-sxym-zffv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:10.0.0-9%252Bdeb9u1
4
url pkg:deb/debian/keystone@2:14.2.0-0%2Bdeb10u1
purl pkg:deb/debian/keystone@2:14.2.0-0%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gdk6-a746-6fac
1
vulnerability VCID-p5un-b12x-tuh5
2
vulnerability VCID-qyjh-md45-hyhh
3
vulnerability VCID-r25g-be38-b3be
4
vulnerability VCID-rgkw-6ews-rked
5
vulnerability VCID-w6e4-zd31-g7hu
6
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/keystone@2:14.2.0-0%252Bdeb10u1
5
url pkg:pypi/keystone@12.0.2
purl pkg:pypi/keystone@12.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-2n1f-h6m8-d7h7
2
vulnerability VCID-769v-tw47-rucm
3
vulnerability VCID-89vf-n61h-k3b2
4
vulnerability VCID-93vc-hgec-nfe6
5
vulnerability VCID-9dhg-r711-yfg6
6
vulnerability VCID-gdk6-a746-6fac
7
vulnerability VCID-p5un-b12x-tuh5
8
vulnerability VCID-qyjh-md45-hyhh
9
vulnerability VCID-r25g-be38-b3be
10
vulnerability VCID-rgkw-6ews-rked
11
vulnerability VCID-w6e4-zd31-g7hu
12
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@12.0.2
6
url pkg:pypi/keystone@12.0.3
purl pkg:pypi/keystone@12.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-2n1f-h6m8-d7h7
2
vulnerability VCID-769v-tw47-rucm
3
vulnerability VCID-89vf-n61h-k3b2
4
vulnerability VCID-93vc-hgec-nfe6
5
vulnerability VCID-9dhg-r711-yfg6
6
vulnerability VCID-gdk6-a746-6fac
7
vulnerability VCID-p5un-b12x-tuh5
8
vulnerability VCID-qyjh-md45-hyhh
9
vulnerability VCID-r25g-be38-b3be
10
vulnerability VCID-rgkw-6ews-rked
11
vulnerability VCID-w6e4-zd31-g7hu
12
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@12.0.3
7
url pkg:pypi/keystone@13.0.2
purl pkg:pypi/keystone@13.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-2n1f-h6m8-d7h7
2
vulnerability VCID-769v-tw47-rucm
3
vulnerability VCID-89vf-n61h-k3b2
4
vulnerability VCID-93vc-hgec-nfe6
5
vulnerability VCID-9dhg-r711-yfg6
6
vulnerability VCID-gdk6-a746-6fac
7
vulnerability VCID-p5un-b12x-tuh5
8
vulnerability VCID-qyjh-md45-hyhh
9
vulnerability VCID-r25g-be38-b3be
10
vulnerability VCID-rgkw-6ews-rked
11
vulnerability VCID-w6e4-zd31-g7hu
12
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@13.0.2
8
url pkg:pypi/keystone@13.0.3
purl pkg:pypi/keystone@13.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-2n1f-h6m8-d7h7
2
vulnerability VCID-769v-tw47-rucm
3
vulnerability VCID-89vf-n61h-k3b2
4
vulnerability VCID-93vc-hgec-nfe6
5
vulnerability VCID-9dhg-r711-yfg6
6
vulnerability VCID-gdk6-a746-6fac
7
vulnerability VCID-p5un-b12x-tuh5
8
vulnerability VCID-qyjh-md45-hyhh
9
vulnerability VCID-r25g-be38-b3be
10
vulnerability VCID-rgkw-6ews-rked
11
vulnerability VCID-w6e4-zd31-g7hu
12
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@13.0.3
9
url pkg:pypi/keystone@13.0.4
purl pkg:pypi/keystone@13.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-2n1f-h6m8-d7h7
2
vulnerability VCID-769v-tw47-rucm
3
vulnerability VCID-89vf-n61h-k3b2
4
vulnerability VCID-93vc-hgec-nfe6
5
vulnerability VCID-9dhg-r711-yfg6
6
vulnerability VCID-gdk6-a746-6fac
7
vulnerability VCID-p5un-b12x-tuh5
8
vulnerability VCID-qyjh-md45-hyhh
9
vulnerability VCID-r25g-be38-b3be
10
vulnerability VCID-rgkw-6ews-rked
11
vulnerability VCID-w6e4-zd31-g7hu
12
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@13.0.4
10
url pkg:pypi/keystone@14.0.0
purl pkg:pypi/keystone@14.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-2n1f-h6m8-d7h7
2
vulnerability VCID-6wj2-abbb-xqf6
3
vulnerability VCID-769v-tw47-rucm
4
vulnerability VCID-89vf-n61h-k3b2
5
vulnerability VCID-93vc-hgec-nfe6
6
vulnerability VCID-9dhg-r711-yfg6
7
vulnerability VCID-gdk6-a746-6fac
8
vulnerability VCID-p5un-b12x-tuh5
9
vulnerability VCID-qyjh-md45-hyhh
10
vulnerability VCID-r25g-be38-b3be
11
vulnerability VCID-rgkw-6ews-rked
12
vulnerability VCID-w6e4-zd31-g7hu
13
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@14.0.0
11
url pkg:pypi/keystone@14.0.1
purl pkg:pypi/keystone@14.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-2n1f-h6m8-d7h7
2
vulnerability VCID-769v-tw47-rucm
3
vulnerability VCID-89vf-n61h-k3b2
4
vulnerability VCID-93vc-hgec-nfe6
5
vulnerability VCID-9dhg-r711-yfg6
6
vulnerability VCID-gdk6-a746-6fac
7
vulnerability VCID-p5un-b12x-tuh5
8
vulnerability VCID-qyjh-md45-hyhh
9
vulnerability VCID-r25g-be38-b3be
10
vulnerability VCID-rgkw-6ews-rked
11
vulnerability VCID-w6e4-zd31-g7hu
12
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@14.0.1
12
url pkg:pypi/keystone@14.1.0
purl pkg:pypi/keystone@14.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-qyjh-md45-hyhh
8
vulnerability VCID-r25g-be38-b3be
9
vulnerability VCID-rgkw-6ews-rked
10
vulnerability VCID-w6e4-zd31-g7hu
11
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@14.1.0
13
url pkg:pypi/keystone@14.2.0
purl pkg:pypi/keystone@14.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-qyjh-md45-hyhh
8
vulnerability VCID-r25g-be38-b3be
9
vulnerability VCID-rgkw-6ews-rked
10
vulnerability VCID-w6e4-zd31-g7hu
11
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@14.2.0
14
url pkg:pypi/keystone@15.0.0.0rc1
purl pkg:pypi/keystone@15.0.0.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-qyjh-md45-hyhh
8
vulnerability VCID-r25g-be38-b3be
9
vulnerability VCID-rgkw-6ews-rked
10
vulnerability VCID-w6e4-zd31-g7hu
11
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.0.0rc1
15
url pkg:pypi/keystone@15.0.0.0rc2
purl pkg:pypi/keystone@15.0.0.0rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-qyjh-md45-hyhh
8
vulnerability VCID-r25g-be38-b3be
9
vulnerability VCID-rgkw-6ews-rked
10
vulnerability VCID-w6e4-zd31-g7hu
11
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.0.0rc2
16
url pkg:pypi/keystone@15.0.0
purl pkg:pypi/keystone@15.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-qyjh-md45-hyhh
8
vulnerability VCID-r25g-be38-b3be
9
vulnerability VCID-rgkw-6ews-rked
10
vulnerability VCID-w6e4-zd31-g7hu
11
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@15.0.0
17
url pkg:pypi/keystone@16.0.0.0rc1
purl pkg:pypi/keystone@16.0.0.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-r25g-be38-b3be
8
vulnerability VCID-w6e4-zd31-g7hu
9
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.0.0rc1
18
url pkg:pypi/keystone@16.0.0.0rc2
purl pkg:pypi/keystone@16.0.0.0rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ggr-pe4y-y3cn
1
vulnerability VCID-769v-tw47-rucm
2
vulnerability VCID-89vf-n61h-k3b2
3
vulnerability VCID-93vc-hgec-nfe6
4
vulnerability VCID-9dhg-r711-yfg6
5
vulnerability VCID-gdk6-a746-6fac
6
vulnerability VCID-p5un-b12x-tuh5
7
vulnerability VCID-r25g-be38-b3be
8
vulnerability VCID-w6e4-zd31-g7hu
9
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keystone@16.0.0.0rc2
19
url pkg:rpm/redhat/openstack-keystone@1:15.0.1-0.20200512110437.95b2bbe?arch=el8ost
purl pkg:rpm/redhat/openstack-keystone@1:15.0.1-0.20200512110437.95b2bbe?arch=el8ost
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qyjh-md45-hyhh
1
vulnerability VCID-rgkw-6ews-rked
2
vulnerability VCID-w6e4-zd31-g7hu
3
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-keystone@1:15.0.1-0.20200512110437.95b2bbe%3Farch=el8ost
20
url pkg:rpm/redhat/openstack-keystone@1:16.0.1-0.20200511063421.40cbb7b?arch=el8ost
purl pkg:rpm/redhat/openstack-keystone@1:16.0.1-0.20200511063421.40cbb7b?arch=el8ost
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qyjh-md45-hyhh
1
vulnerability VCID-rgkw-6ews-rked
2
vulnerability VCID-w6e4-zd31-g7hu
3
vulnerability VCID-wc5s-25xb-rqaa
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-keystone@1:16.0.1-0.20200511063421.40cbb7b%3Farch=el8ost
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12690.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12690
reference_id
reference_type
scores
0
value 0.00817
scoring_system epss
scoring_elements 0.7438
published_at 2026-04-18T12:55:00Z
1
value 0.00817
scoring_system epss
scoring_elements 0.74372
published_at 2026-04-16T12:55:00Z
2
value 0.00817
scoring_system epss
scoring_elements 0.74335
published_at 2026-04-13T12:55:00Z
3
value 0.00817
scoring_system epss
scoring_elements 0.74288
published_at 2026-04-01T12:55:00Z
4
value 0.00817
scoring_system epss
scoring_elements 0.74343
published_at 2026-04-12T12:55:00Z
5
value 0.00817
scoring_system epss
scoring_elements 0.74363
published_at 2026-04-11T12:55:00Z
6
value 0.00817
scoring_system epss
scoring_elements 0.74342
published_at 2026-04-09T12:55:00Z
7
value 0.00817
scoring_system epss
scoring_elements 0.74327
published_at 2026-04-08T12:55:00Z
8
value 0.00817
scoring_system epss
scoring_elements 0.74294
published_at 2026-04-07T12:55:00Z
9
value 0.00817
scoring_system epss
scoring_elements 0.74321
published_at 2026-04-04T12:55:00Z
10
value 0.00817
scoring_system epss
scoring_elements 0.74293
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12690
2
reference_url https://bugs.launchpad.net/keystone/+bug/1873290
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/keystone/+bug/1873290
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12689
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12690
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12691
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12692
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-6m8p-x4qw-gh5j
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6m8p-x4qw-gh5j
9
reference_url https://github.com/openstack/keystone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/keystone
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-54.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-54.yaml
11
reference_url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12690
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12690
13
reference_url https://security.openstack.org/ossa/OSSA-2020-005.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-005.html
14
reference_url https://usn.ubuntu.com/4480-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4480-1
15
reference_url https://usn.ubuntu.com/4480-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4480-1/
16
reference_url https://www.openwall.com/lists/oss-security/2020/05/06/6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/05/06/6
17
reference_url http://www.openwall.com/lists/oss-security/2020/05/07/3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/05/07/3
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1830395
reference_id 1830395
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1830395
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
reference_id 959900
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959900
20
reference_url https://access.redhat.com/errata/RHSA-2020:3102
reference_id RHSA-2020:3102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3102
21
reference_url https://access.redhat.com/errata/RHSA-2020:3105
reference_id RHSA-2020:3105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3105
Weaknesses
0
cwe_id 613
name Insufficient Session Expiration
description According to WASC, Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.
1
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score5.3 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-w6e4-zd31-g7hu