Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/936573?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "type": "deb", "namespace": "debian", "name": "python-keystoneclient", "version": "1:5.0.1-3", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:5.6.0-2", "latest_non_vulnerable_version": "1:5.8.0-4", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5378?format=api", "vulnerability_id": "VCID-44u3-6h7t-dbah", "summary": "The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, related to an \"interaction between eventlet and python-memcached.\"", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0382.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0382.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0409.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0409.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0105.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0105.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59041", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58819", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58916", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58883", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58959", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58922", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58957", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58921", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58937", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58931", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58989", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58943", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58972", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0105" }, { "reference_url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1282865", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1282865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0105", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0105" }, { "reference_url": "https://github.com/openstack/python-keystoneclient", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-70.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-70.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0105", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0105" }, { "reference_url": "https://review.opendev.org/c/openstack/python-keystoneclient/+/81078", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://review.opendev.org/c/openstack/python-keystoneclient/+/81078" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/03/27/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/03/27/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082165", "reference_id": "1082165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082165" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742898", "reference_id": "742898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742898" }, { "reference_url": "https://github.com/advisories/GHSA-gwvq-rgqf-993f", "reference_id": "GHSA-gwvq-rgqf-993f", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gwvq-rgqf-993f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0382", "reference_id": "RHSA-2014:0382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0409", "reference_id": "RHSA-2014:0409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0442", "reference_id": "RHSA-2014:0442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0442" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936580?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:0.6.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:0.6.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936575?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:4.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:4.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936578?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936576?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.7.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.7.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936577?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.8.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.8.0-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0105", "GHSA-gwvq-rgqf-993f", "PYSEC-2014-70" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44u3-6h7t-dbah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5471?format=api", "vulnerability_id": "VCID-5st1-zx32-3yfw", "summary": "The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the \"insecure\" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.", "references": [ { "reference_url": "http://lists.openstack.org/pipermail/openstack-announce/2015-April/000350.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.openstack.org/pipermail/openstack-announce/2015-April/000350.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1677.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1677.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1685.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1685.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1677", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1685", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1685" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1852.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1852.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2015-1852", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2015-1852" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44354", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44435", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44431", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44513", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44582", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44591", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44535", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44534", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44564", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44547", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44542", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44308", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.4423", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44492", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44462", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44324", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44259", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44289", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44356", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1852" }, { "reference_url": "https://bugs.launchpad.net/keystonemiddleware/+bug/1411063", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/keystonemiddleware/+bug/1411063" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209527", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1852" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystonemiddleware/PYSEC-2015-30.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystonemiddleware/PYSEC-2015-30.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2015-31.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2015-31.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1852", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1852" }, { "reference_url": "https://web.archive.org/web/20200228060649/http://www.securityfocus.com/bid/74187", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228060649/http://www.securityfocus.com/bid/74187" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "reference_url": "http://www.securityfocus.com/bid/74187", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/74187" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2705-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2705-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783164", "reference_id": "783164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783164" }, { "reference_url": "https://github.com/advisories/GHSA-p9wq-mjh8-q72m", "reference_id": "GHSA-p9wq-mjh8-q72m", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p9wq-mjh8-q72m" }, { "reference_url": "https://usn.ubuntu.com/2705-1/", "reference_id": "USN-2705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936582?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:1.3.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:1.3.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936575?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:4.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:4.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936578?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936576?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.7.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.7.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936577?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.8.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.8.0-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1852", "GHSA-p9wq-mjh8-q72m", "PYSEC-2015-30", "PYSEC-2015-31" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5st1-zx32-3yfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5439?format=api", "vulnerability_id": "VCID-79rs-7766-4ycf", "summary": "OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the \"insecure\" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1783.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1783.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1784.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1784.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0020.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7144.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7144.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58629", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58415", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.585", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.5852", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58491", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58543", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.5855", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58566", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58546", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.5856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58564", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.5851", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58523", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58509", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58474", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58518", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58576", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.5853", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58558", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7144" }, { "reference_url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1353315", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1353315" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7144" }, { "reference_url": "http://secunia.com/advisories/62709", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62709" }, { "reference_url": "https://github.com/openstack/ossa/blob/23e15de721f4a6890374a231d93524e02965a97f/ossa/OSSA-2014-030.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/ossa/blob/23e15de721f4a6890374a231d93524e02965a97f/ossa/OSSA-2014-030.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystonemiddleware/PYSEC-2014-26.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/keystonemiddleware/PYSEC-2014-26.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-71.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-71.yaml" }, { "reference_url": "https://web.archive.org/web/20200228053850/http://www.securityfocus.com/bid/69864", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228053850/http://www.securityfocus.com/bid/69864" }, { "reference_url": "https://web.archive.org/web/20200228060511/https://www.securityfocus.com/bid/69864", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228060511/https://www.securityfocus.com/bid/69864" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/25/51", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/09/25/51" }, { "reference_url": "http://www.securityfocus.com/bid/69864", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69864" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2705-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2705-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1143808", "reference_id": "1143808", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1143808" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762748", "reference_id": "762748", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762748" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762749", "reference_id": "762749", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762749" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystonemiddleware:1.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystonemiddleware:1.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystonemiddleware:1.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystonemiddleware:1.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystonemiddleware:1.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystonemiddleware:1.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystonemiddleware:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:keystonemiddleware:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:keystonemiddleware:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:python-keystoneclient:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openstack:python-keystoneclient:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:python-keystoneclient:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7144", "reference_id": "CVE-2014-7144", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7144" }, { "reference_url": "https://github.com/advisories/GHSA-7f2c-vp52-gmfw", "reference_id": "GHSA-7f2c-vp52-gmfw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7f2c-vp52-gmfw" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1783", "reference_id": "RHSA-2014:1783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1784", "reference_id": "RHSA-2014:1784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0020", "reference_id": "RHSA-2015:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0020" }, { "reference_url": "https://usn.ubuntu.com/2705-1/", "reference_id": "USN-2705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936581?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:0.10.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:0.10.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936575?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:4.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:4.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936578?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936576?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.7.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.7.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936577?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.8.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.8.0-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-7144", "GHSA-7f2c-vp52-gmfw", "PYSEC-2014-26", "PYSEC-2014-71" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79rs-7766-4ycf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5981?format=api", "vulnerability_id": "VCID-8yta-5ta1-fkfm", "summary": "python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0992.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0992.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2166.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2166.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2013-2166", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/cve-2013-2166" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24944", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25007", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25035", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25188", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24926", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24849", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24829", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24904", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24843", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24769", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24888", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24933", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25107", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25044", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25033", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25087", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25128", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25113", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25068", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2523", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2166", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2166" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2166", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2166" }, { "reference_url": "https://github.com/advisories/GHSA-c3xq-cj8f-7829", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c3xq-cj8f-7829" }, { "reference_url": "https://github.com/openstack/python-keystoneclient", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient" }, { "reference_url": "https://github.com/openstack/python-keystoneclient/commit/eeefb784f24c37d5f56a421e1ccc911cace9385e", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient/commit/eeefb784f24c37d5f56a421e1ccc911cace9385e" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2019-197.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2019-197.yaml" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2013-2166", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2013-2166" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/06/19/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/06/19/5" }, { "reference_url": "http://www.securityfocus.com/bid/60684", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/60684" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713819", "reference_id": "713819", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713819" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=974271", "reference_id": "974271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=974271" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2166", "reference_id": "CVE-2013-2166", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0992", "reference_id": "RHSA-2013:0992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936579?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:0.2.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:0.2.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936575?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:4.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:4.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936578?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936576?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.7.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.7.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936577?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.8.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.8.0-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2166", "GHSA-c3xq-cj8f-7829", "PYSEC-2019-197" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yta-5ta1-fkfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5980?format=api", "vulnerability_id": "VCID-d5eh-h7qr-9kbt", "summary": "python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0992.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0992.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2167.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2167.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2013-2167", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/cve-2013-2167" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74647", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.7445", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74424", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.7442", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74605", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74572", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74592", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74579", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74549", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74547", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74548", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74541", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74506", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74514", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74507", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74477", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74496", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74458", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74426", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2167" }, { "reference_url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-2167", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-2167" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2167", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2167" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85492", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85492" }, { "reference_url": "https://github.com/advisories/GHSA-9vg3-cf92-h2h7", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9vg3-cf92-h2h7" }, { "reference_url": "https://github.com/openstack/python-keystoneclient", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient" }, { "reference_url": "https://github.com/openstack/python-keystoneclient/commit/eeefb784f24c37d5f56a421e1ccc911cace9385e", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient/commit/eeefb784f24c37d5f56a421e1ccc911cace9385e" }, { "reference_url": "https://github.com/openstack/python-keystoneclient/commits/0.3.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient/commits/0.3.0" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2019-161.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2019-161.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2167", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2167" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2013-2167", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2013-2167" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/06/19/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/06/19/5" }, { "reference_url": "http://www.securityfocus.com/bid/60680", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/60680" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713819", "reference_id": "713819", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713819" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=974271", "reference_id": "974271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=974271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0992", "reference_id": "RHSA-2013:0992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936579?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:0.2.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:0.2.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936575?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:4.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:4.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936578?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936576?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.7.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.7.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936577?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.8.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.8.0-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2167", "GHSA-9vg3-cf92-h2h7", "PYSEC-2019-161" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5eh-h7qr-9kbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5350?format=api", "vulnerability_id": "VCID-p776-3n3m-wkhz", "summary": "python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenticated users to (1) retain use of a token after it has expired, or (2) use a revoked token once it expires.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00198.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00198.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0944.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0944", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2013:0944" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2104.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2104.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-2104", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-2104" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73445", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73665", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73608", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73624", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73601", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73576", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73584", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73585", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73574", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73541", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73485", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73448", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73476", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73453", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73548", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73538", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73502", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73522", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2104" }, { "reference_url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1179615", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/python-keystoneclient/+bug/1179615" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=965852", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=965852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2104" }, { "reference_url": "https://github.com/openstack/python-keystoneclient", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-69.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2014-69.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2104", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2104" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/05/28/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/05/28/7" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1851-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-1851-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1875-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-1875-1" }, { "reference_url": "https://github.com/advisories/GHSA-4rrr-j7ff-r844", "reference_id": "GHSA-4rrr-j7ff-r844", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4rrr-j7ff-r844" }, { "reference_url": "https://usn.ubuntu.com/1851-1/", "reference_id": "USN-1851-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1851-1/" }, { "reference_url": "https://usn.ubuntu.com/1875-1/", "reference_id": "USN-1875-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1875-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936574?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:0.2.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:0.2.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936575?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:4.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:4.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936578?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936576?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.7.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.7.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936577?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.8.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.8.0-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2104", "GHSA-4rrr-j7ff-r844", "PYSEC-2014-69" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p776-3n3m-wkhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5335?format=api", "vulnerability_id": "VCID-ryxy-ymcn-3bhr", "summary": "The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2013.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20103", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20208", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20163", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20102", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20099", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19982", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19977", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19948", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19853", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19931", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20019", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.1999", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20013", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20114", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20261", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2032", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20044", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20125", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2013" }, { "reference_url": "https://bugs.launchpad.net/python-keystoneclient/+bug/938315", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/python-keystoneclient/+bug/938315" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2013" }, { "reference_url": "https://github.com/openstack/python-keystoneclient", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient" }, { "reference_url": "https://github.com/openstack/python-keystoneclient/commit/f2e0818bc97bfbeba83f6abbb07909a8debcad77", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openstack/python-keystoneclient/commit/f2e0818bc97bfbeba83f6abbb07909a8debcad77" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2013-24.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-keystoneclient/PYSEC-2013-24.yaml" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16937", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16937" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/05/23/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/05/23/4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709535", "reference_id": "709535", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709535" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=957033", "reference_id": "957033", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957033" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2013", "reference_id": "CVE-2013-2013", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2013" }, { "reference_url": "https://github.com/advisories/GHSA-8q2m-pwxf-jc7g", "reference_id": "GHSA-8q2m-pwxf-jc7g", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8q2m-pwxf-jc7g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936574?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:0.2.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:0.2.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936575?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:4.1.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:4.1.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936573?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936578?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936576?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.7.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.7.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936577?format=api", "purl": "pkg:deb/debian/python-keystoneclient@1:5.8.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.8.0-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2013", "GHSA-8q2m-pwxf-jc7g", "PYSEC-2013-24" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ryxy-ymcn-3bhr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-keystoneclient@1:5.0.1-3%3Fdistro=trixie" }