Search for packages
| purl | pkg:pypi/keystone@9.0.0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-96bg-ytf8-9fhd
Aliases: CVE-2017-2673 GHSA-j36m-hv43-7w7m PYSEC-2018-152 |
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-t2ap-zxfa-fkhe
Aliases: CVE-2016-4911 GHSA-f82m-w3p3-cgp3 PYSEC-2016-38 |
The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:31:30.909249+00:00 | GHSA Importer | Affected by | VCID-t2ap-zxfa-fkhe | https://github.com/advisories/GHSA-f82m-w3p3-cgp3 | 38.1.0 |
| 2026-04-03T21:26:07.661157+00:00 | GitLab Importer | Affected by | VCID-t2ap-zxfa-fkhe | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/keystone/CVE-2016-4911.yml | 38.1.0 |
| 2026-04-01T16:00:55.372231+00:00 | GHSA Importer | Affected by | VCID-96bg-ytf8-9fhd | https://github.com/advisories/GHSA-j36m-hv43-7w7m | 38.0.0 |
| 2026-04-01T12:50:14.849338+00:00 | GitLab Importer | Affected by | VCID-96bg-ytf8-9fhd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/keystone/CVE-2017-2673.yml | 38.0.0 |