Search for packages
| purl | pkg:pypi/keystone@11.0.0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-96bg-ytf8-9fhd
Aliases: CVE-2017-2673 GHSA-j36m-hv43-7w7m PYSEC-2018-152 |
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:00:55.407349+00:00 | GHSA Importer | Affected by | VCID-96bg-ytf8-9fhd | https://github.com/advisories/GHSA-j36m-hv43-7w7m | 38.0.0 |
| 2026-04-01T15:00:22.411815+00:00 | PyPI Importer | Affected by | VCID-96bg-ytf8-9fhd | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.0.0 |
| 2026-04-01T13:09:40.565948+00:00 | GithubOSV Importer | Affected by | VCID-96bg-ytf8-9fhd | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-j36m-hv43-7w7m/GHSA-j36m-hv43-7w7m.json | 38.0.0 |
| 2026-04-01T12:50:14.854746+00:00 | GitLab Importer | Affected by | VCID-96bg-ytf8-9fhd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/keystone/CVE-2017-2673.yml | 38.0.0 |
| 2026-04-01T12:41:47.223929+00:00 | Pypa Importer | Affected by | VCID-96bg-ytf8-9fhd | https://github.com/pypa/advisory-database/blob/main/vulns/keystone/PYSEC-2018-152.yaml | 38.0.0 |