CNNVD-202601-3027 Information
CNNVD ID
CNNVD-202601-3027
Related CVE
- CNNVD Published: 2026-01-19
Description (Chinese)
OpenStack keystonemiddleware是OpenStack开源的一个核心认证组件库。 OpenStack keystonemiddleware 10.7.2之前版本、10.9.1之前版本和10.12.1之前版本存在安全漏洞,该漏洞源于未清理身份验证标头,可能导致权限提升或用户冒充。
Description (English)
OpenStack keystonimiddleware is a core authentication assembly for OpenStack open source. There is a security loophole in previous versions of OpenStack keystonimiddleware 10.72, 10.9.1 and 10.12.1, which originates from uncleaned identification markers, which may lead to enhanced privileges or impersonation by users.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
OpenStack
Published
2026-01-19
Last Modified
2026-02-24
References
https://launchpad.net/bugs/2129018 https://www.openwall.com/lists/oss-security/2026/01/16/9 http://www.openwall.com/lists/oss-security/2026/01/15/1 http://www.openwall.com/lists/oss-security/2026/01/16/2 http://www.openwall.com/lists/oss-security/2026/01/16/3 http://www.openwall.com/lists/oss-security/2026/01/16/9
Patch
https://github.com/openstack/keystonemiddleware/tags
Share on: