VulnerableCode Package Details - pkg:rpm/redhat/openstack-keystone@2012.2.3-3?arch=el6ost

Search for packages

Vulnerability	Summary	Fixed by
VCID-6ku1-bgjj-2yg6 Aliases: CVE-2013-0282 GHSA-8833-qrvm-wc3h	OpenStack Keystone allows context-dependent attackers to bypass access restrictions OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.	There are no reported fixed by versions.
VCID-8yfq-hpqh-zqcp Aliases: CVE-2013-1665 GHSA-x64m-686f-fmm3	XML External Entity (XXE) in Django The XML libraries for Python as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.	There are no reported fixed by versions.
VCID-t88t-p8tx-cfcu Aliases: CVE-2013-1664 GHSA-qrh7-x6fp-c2mp	Multiple vulnerabilities have been found in libxml2, allowing remote attackers to execute arbitrary code or cause Denial of Service.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-6ku1-bgjj-2yg6
Aliases:
CVE-2013-0282
GHSA-8833-qrvm-wc3h

OpenStack Keystone allows context-dependent attackers to bypass access restrictions OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.

There are no reported fixed by versions.

VCID-8yfq-hpqh-zqcp
Aliases:
CVE-2013-1665
GHSA-x64m-686f-fmm3

XML External Entity (XXE) in Django The XML libraries for Python as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.

There are no reported fixed by versions.

VCID-t88t-p8tx-cfcu
Aliases:
CVE-2013-1664
GHSA-qrh7-x6fp-c2mp

Multiple vulnerabilities have been found in libxml2, allowing remote attackers to execute arbitrary code or cause Denial of Service.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:52:18.452841+00:00	RedHat Importer	Affected by	VCID-t88t-p8tx-cfcu	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1664.json	38.0.0
2026-04-01T14:52:17.648739+00:00	RedHat Importer	Affected by	VCID-8yfq-hpqh-zqcp	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1665.json	38.0.0
2026-04-01T14:52:16.508075+00:00	RedHat Importer	Affected by	VCID-6ku1-bgjj-2yg6	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0282.json	38.0.0