keystone vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-43000Mediumkeystone: OpenStack Keystone has an Incorrect Authorization issueCVE-2026-44394Mediumkeystone: OpenStack Keystone's federated token rescoping mechanism doesn't propagate the original token's…CVE-2026-42999Mediumkeystone: OpenStack Keystone has an Authorization BypassCVE-2026-42998Mediumkeystone: OpenStack Keystone doesn't verify that the user supplied in the authentication request matches the…CVE-2026-43001Highkeystone: OpenStack Keystone has an Incorrect Authorization IssueCVE-2026-40683Highkeystone: OpenStack Keystone: LDAP identity backend does not convert enabled attribute to booleanCVE-2026-33551Lowkeystone: OpenStack Keystone: Restricted application credentials can create EC2 credentialsCVE-2025-65073Highkeystone: OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide…CVE-2021-3563Criticalkeystone: Openstack Keystone Incorrect Authorization vulnerabilityCVE-2021-38155Highkeystone: OpenStack Keystone allows information disclosure during account lockingCVE-2020-12691Highkeystone: OpenStack Keystone V3 /credentials endpoint policy logic allows to change credentials owner or…CVE-2020-12692Mediumkeystone: OpenStack Keystone does not check signature TTL of the EC2 credential auth methodCVE-2020-12689Highkeystone: OpenStack Keystone EC2 and/or credential endpoints are not protected from a scoped context CVE-2019-19687Highkeystone: OpenStack Keystone Credential LeakageCVE-2012-3426MediumKeystone: OpenStack Keystone token expiration issuesCVE-2012-3542Highkeystone: OpenStack Keystone Allows Remote User Account CreationCVE-2013-4294Mediumkeystone: OpenStack Identity (Keystone) allows remote attackers to bypass intended access restrictions via…CVE-2013-1865Mediumkeystone: OpenStack Keystone Improper Authentication vulnerabilityCVE-2013-4477Lowkeystone: OpenStack Identity Keystone Privilege Escalation vulnerabilityCVE-2013-2006Lowkeystone: OpenStack Keystone Sensitive information disclosure via log filesCVE-2014-5252Highkeystone: OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation eventsCVE-2014-5253Highkeystone: OpenStack Keystone Domain-scoped tokens don't get revokedCVE-2014-5251Highkeystone: OpenStack Identity (Keystone) Multiple vulnerabilities in revocation eventsCVE-2014-2237Highkeystone: OpenStack Identity (Keystone) Trustee token revocations does not work with memcache backendCVE-2014-2828Highkeystone: OpenStack Identity (Keystone) DoS through V3 API authentication chaining

Stop the waste.
Protect your environment with Kodem.