High severity7.5GHSA Advisory· Published Nov 17, 2025· Updated Apr 15, 2026
CVE-2025-65073
CVE-2025-65073
Description
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
keystonePyPI | < 26.0.1 | 26.0.1 |
keystonePyPI | >= 27.0.0.0rc1, < 27.0.0 | 27.0.0 |
keystonePyPI | >= 28.0.0.0rc1, < 28.0.0 | 28.0.0 |
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.