VulnerableCode Package Details - pkg:deb/debian/keystone@2012.1.1-11?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/keystone@2012.1.1-11?distro=trixie

purl	pkg:deb/debian/keystone@2012.1.1-11?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-vr8z-xkg6-kuhy	OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role.	CVE-2012-5571 GHSA-qvpr-qm6w-6rcc PYSEC-2012-35

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:01:46.026733+00:00	Debian Importer	Fixing	VCID-vr8z-xkg6-kuhy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T17:49:26.391463+00:00	Debian Importer	Fixing	VCID-vr8z-xkg6-kuhy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:28:02.087074+00:00	Debian Importer	Fixing	VCID-vr8z-xkg6-kuhy	https://security-tracker.debian.org/tracker/data/json	38.1.0