Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/python-keystoneclient@0.7.0
purl pkg:pypi/python-keystoneclient@0.7.0
Next non-vulnerable version 1.4.0
Latest non-vulnerable version 1.4.0
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-5st1-zx32-3yfw
Aliases:
CVE-2015-1852
GHSA-p9wq-mjh8-q72m
PYSEC-2015-30
PYSEC-2015-31
The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.
1.4.0
Affected by 0 other vulnerabilities.
VCID-79rs-7766-4ycf
Aliases:
CVE-2014-7144
GHSA-7f2c-vp52-gmfw
PYSEC-2014-26
PYSEC-2014-71
OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.
0.11.0
Affected by 1 other vulnerability.
1.2.0
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-44u3-6h7t-dbah The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, related to an "interaction between eventlet and python-memcached." CVE-2014-0105
GHSA-gwvq-rgqf-993f
PYSEC-2014-70

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:54:41.572403+00:00 GitLab Importer Fixing VCID-44u3-6h7t-dbah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-0105.yml 38.4.0
2026-04-16T21:53:37.536722+00:00 GitLab Importer Affected by VCID-5st1-zx32-3yfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2015-1852.yml 38.4.0
2026-04-16T21:52:52.244848+00:00 GitLab Importer Affected by VCID-79rs-7766-4ycf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-7144.yml 38.4.0
2026-04-11T23:09:59.783540+00:00 GitLab Importer Fixing VCID-44u3-6h7t-dbah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-0105.yml 38.3.0
2026-04-11T23:09:04.655900+00:00 GitLab Importer Affected by VCID-5st1-zx32-3yfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2015-1852.yml 38.3.0
2026-04-11T23:08:29.214896+00:00 GitLab Importer Affected by VCID-79rs-7766-4ycf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-7144.yml 38.3.0
2026-04-04T14:31:04.121252+00:00 GHSA Importer Fixing VCID-44u3-6h7t-dbah https://github.com/advisories/GHSA-gwvq-rgqf-993f 38.1.0
2026-04-02T23:18:43.981005+00:00 GitLab Importer Fixing VCID-44u3-6h7t-dbah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-0105.yml 38.1.0
2026-04-02T23:17:46.358785+00:00 GitLab Importer Affected by VCID-5st1-zx32-3yfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2015-1852.yml 38.1.0
2026-04-02T23:17:04.622728+00:00 GitLab Importer Affected by VCID-79rs-7766-4ycf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-7144.yml 38.1.0
2026-04-01T17:39:05.458045+00:00 GitLab Importer Fixing VCID-44u3-6h7t-dbah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-0105.yml 38.0.0
2026-04-01T17:37:59.950262+00:00 GitLab Importer Affected by VCID-5st1-zx32-3yfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2015-1852.yml 38.0.0
2026-04-01T17:37:13.133251+00:00 GitLab Importer Affected by VCID-79rs-7766-4ycf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-keystoneclient/CVE-2014-7144.yml 38.0.0
2026-04-01T14:59:19.822543+00:00 PyPI Importer Affected by VCID-5st1-zx32-3yfw https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T14:59:10.896217+00:00 PyPI Importer Affected by VCID-79rs-7766-4ycf https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T14:58:51.692766+00:00 PyPI Importer Fixing VCID-44u3-6h7t-dbah https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T13:09:03.733193+00:00 GithubOSV Importer Fixing VCID-44u3-6h7t-dbah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gwvq-rgqf-993f/GHSA-gwvq-rgqf-993f.json 38.0.0
2026-04-01T12:41:13.880393+00:00 Pypa Importer Affected by VCID-5st1-zx32-3yfw https://github.com/pypa/advisory-database/blob/main/vulns/python-keystoneclient/PYSEC-2015-31.yaml 38.0.0
2026-04-01T12:41:09.139391+00:00 Pypa Importer Affected by VCID-79rs-7766-4ycf https://github.com/pypa/advisory-database/blob/main/vulns/python-keystoneclient/PYSEC-2014-71.yaml 38.0.0
2026-04-01T12:40:59.676101+00:00 Pypa Importer Fixing VCID-44u3-6h7t-dbah https://github.com/pypa/advisory-database/blob/main/vulns/python-keystoneclient/PYSEC-2014-70.yaml 38.0.0