CVE-2015-7546
- EPSS 0.11%
- Published 03.02.2016 18:59:04
- Last modified 12.04.2025 10:46:40
The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorizat...
CVE-2015-1852
- EPSS 0.22%
- Published 17.04.2015 17:59:02
- Last modified 12.04.2025 10:46:40
The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which...
CVE-2014-7144
- EPSS 0.37%
- Published 02.10.2014 14:55:04
- Last modified 12.04.2025 10:46:40
OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows...