GHSA-hhq2-3832-xxcv
Suggest an improvement- Source
- https://github.com/advisories/GHSA-hhq2-3832-xxcv
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-hhq2-3832-xxcv/GHSA-hhq2-3832-xxcv.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-hhq2-3832-xxcv
- Aliases
-
- CVE-2026-43001
- Related
- Published
- 2026-05-01T09:30:25Z
- Modified
- 2026-05-28T12:29:19.787833853Z
- Severity
-
- 7.9 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L CVSS Calculator
- Summary
- OpenStack Keystone has an Incorrect Authorization Issue
- Details
-
An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credential for project A to create an EC2 credential targeting project B; a subsequent /v3/ec2tokens exchange would then issue a Keystone token scoped to project B while still carrying the original appcred_id, enabling cross-project lateral movement within the credential owner's role footprint.
- Database specific
{ "cwe_ids": [ "CWE-863" ], "github_reviewed_at": "2026-05-07T02:39:59Z", "github_reviewed": true, "severity": "HIGH", "nvd_published_at": "2026-05-01T09:16:17Z" }- References
Affected packages
PyPI / keystone
Package
- Name
- keystone
- View open source insights on deps.dev
- Purl
- pkg:pypi/keystone
Affected versions
13.*
13.0.2
13.0.3
13.0.4
14.*
14.0.0
14.0.1
14.1.0
14.2.0
15.*
15.0.0.0rc1
15.0.0.0rc2
15.0.0
15.0.1
16.*
16.0.0.0rc1
16.0.0.0rc2
16.0.0
16.0.1
16.0.2
17.*
17.0.0.0rc1
17.0.0.0rc2
17.0.0
17.0.1
18.*
18.0.0.0rc1
18.0.0
18.1.0
19.*
19.0.0.0rc1
19.0.0.0rc2
19.0.0
19.0.1
20.*
20.0.0.0rc1
20.0.0
20.0.1
21.*
21.0.0.0rc1
21.0.0
21.0.1
22.*
22.0.0.0rc1
22.0.0
22.0.1
22.0.2
23.*
23.0.0.0rc1
23.0.0
23.0.1
23.0.2
24.*
24.0.0.0rc1
24.0.0
24.1.0
25.*
25.0.0.0rc1
25.0.0
26.*
26.0.0.0rc1
26.0.0
26.1.0
26.1.1
27.*
27.0.0.0rc1
27.0.0
27.0.1
28.*
28.0.0.0rc1
28.0.0
28.0.1
29.*
29.0.0.0rc1
29.0.0
29.0.1