VulnerableCode Package Details - pkg:deb/debian/keystone@2012.1.1-13?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6ku1-bgjj-2yg6	OpenStack Keystone allows context-dependent attackers to bypass access restrictions OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.	CVE-2013-0282 GHSA-8833-qrvm-wc3h
VCID-8yfq-hpqh-zqcp	XML External Entity (XXE) in Django The XML libraries for Python as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.	CVE-2013-1665 GHSA-x64m-686f-fmm3
VCID-t88t-p8tx-cfcu	Multiple vulnerabilities have been found in libxml2, allowing remote attackers to execute arbitrary code or cause Denial of Service.	CVE-2013-1664 GHSA-qrh7-x6fp-c2mp

Vulnerability

Summary

Aliases

VCID-6ku1-bgjj-2yg6

OpenStack Keystone allows context-dependent attackers to bypass access restrictions OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.

CVE-2013-0282
GHSA-8833-qrvm-wc3h

VCID-8yfq-hpqh-zqcp

XML External Entity (XXE) in Django The XML libraries for Python as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.

CVE-2013-1665
GHSA-x64m-686f-fmm3

VCID-t88t-p8tx-cfcu

Multiple vulnerabilities have been found in libxml2, allowing remote attackers to execute arbitrary code or cause Denial of Service.

CVE-2013-1664
GHSA-qrh7-x6fp-c2mp

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:17:11.355503+00:00	Debian Importer	Fixing	VCID-t88t-p8tx-cfcu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:46:28.444740+00:00	Debian Importer	Fixing	VCID-8yfq-hpqh-zqcp	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:57:20.076453+00:00	Debian Importer	Fixing	VCID-6ku1-bgjj-2yg6	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T17:49:26.639060+00:00	Debian Importer	Fixing	VCID-8yfq-hpqh-zqcp	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:49:26.589832+00:00	Debian Importer	Fixing	VCID-t88t-p8tx-cfcu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:49:26.536101+00:00	Debian Importer	Fixing	VCID-6ku1-bgjj-2yg6	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:28:02.328534+00:00	Debian Importer	Fixing	VCID-8yfq-hpqh-zqcp	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:02.280486+00:00	Debian Importer	Fixing	VCID-t88t-p8tx-cfcu	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:02.230778+00:00	Debian Importer	Fixing	VCID-6ku1-bgjj-2yg6	https://security-tracker.debian.org/tracker/data/json	38.1.0