Openstack Python-keystoneclient
5 CVEs affecting Openstack Python-keystoneclient. Latest disclosed: 2015-04-17. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-1852 | | 2015-04-17 | The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insec… | |
CVE-2014-7144 | | 2014-10-02 | OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" op… | |
CVE-2014-0105 | | 2014-04-15 | The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens f… | |
CVE-2013-2104 | | 2014-01-21 | python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenticated us… | |
CVE-2013-2013 | | 2013-10-01 | The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain… |