VYPR

rpm package

opensuse/python-keystonemiddleware&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-keystonemiddleware&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2026-22797CriJan 19, 2026
    affected < 10.12.0-2.1fixed 10.12.0-2.1

    An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens.

  • CVE-2015-1852Apr 17, 2015
    affected < 4.9.0-1.3fixed 4.9.0-1.3

    The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to co