CVE-2013-1865: Improper Authentication
(updated )
CVE-2013-1865 OpenStack keystone: online validation of Keystone PKI tokens bypasses revocation check
References
- github.com/openstack/keystone/commit/255b1d43500f5d98ec73a0056525b492b14fec05
- lists.fedoraproject.org/pipermail/package-announce/2013-April/101719.html
- lists.opensuse.org/opensuse-updates/2013-04/msg00000.html
- rhn.redhat.com/errata/RHSA-2013-0708.html
- www.openwall.com/lists/oss-security/2013/03/20/13
- www.ubuntu.com/usn/USN-1772-1
- access.redhat.com/errata/RHSA-2013:0708
- access.redhat.com/security/cve/CVE-2013-1865
- bugs.launchpad.net/keystone/+bug/1129713
- bugzilla.redhat.com/show_bug.cgi?id=922230
- github.com/advisories/GHSA-22q6-wwq7-2jj9
- nvd.nist.gov/vuln/detail/CVE-2013-1865
- review.openstack.org/
- review.openstack.org/24906
- web.archive.org/web/20170715155558/http://www.securityfocus.com/bid/58616
Detect and mitigate CVE-2013-1865 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →