Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses

Filter by:

With package: rubyPackages_3_1.keystone-engine

Found 2 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2026-33326

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 3 weeks ago

@keystone-6/core: `isFilterable` bypass via `cursor` parameter in findMany

Keystone is a content management system for Node.js. Prior to version 6.5.2, {field}.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 (field-level isFilterable bypass for update and delete mutations) added checks to the where parameter in update and delete mutations however the cursor parameter in findMany was not patched and accepts the same UniqueWhere input type. This issue has been patched in version 6.5.2.

References

https://github.com/keystonejs/keystone/security/advisories/GHSA-cgcg-q9jh-5pr2 x_refsource_CONFIRM

Affected products

keystone

==< 6.5.2

Matching in nixpkgs

pkgs.keystone

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2
nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.rubyPackages.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.python312Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-25.11 keystoneauth1-5.12.0
- nixos-25.11-small keystoneauth1-5.12.0
- nixpkgs-25.11-darwin keystoneauth1-5.12.0

pkgs.python313Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-unstable keystoneauth1-5.13.1
- nixpkgs-unstable keystoneauth1-5.13.1
- nixos-unstable-small keystoneauth1-5.13.1
nixos-25.11 keystoneauth1-5.12.0
- nixos-25.11-small keystoneauth1-5.12.0
- nixpkgs-25.11-darwin keystoneauth1-5.12.0

pkgs.python314Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-unstable keystoneauth1-5.13.1
- nixpkgs-unstable keystoneauth1-5.13.1
- nixos-unstable-small keystoneauth1-5.13.1

pkgs.rubyPackages_3_1.keystone-engine

None

pkgs.rubyPackages_3_2.keystone-engine

None

pkgs.rubyPackages_3_3.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.rubyPackages_3_4.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.rubyPackages_4_0.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.python312Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.python313Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2
nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.python314Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2

pkgs.python312Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-25.11 5.7.0
- nixos-25.11-small 5.7.0
- nixpkgs-25.11-darwin 5.7.0

pkgs.python313Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-unstable 5.8.0
- nixpkgs-unstable 5.8.0
- nixos-unstable-small 5.8.0
nixos-25.11 5.7.0
- nixos-25.11-small 5.7.0
- nixpkgs-25.11-darwin 5.7.0

pkgs.python314Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-unstable 5.8.0
- nixpkgs-unstable 5.8.0
- nixos-unstable-small 5.8.0

Package maintainers

@jollheef Mikhail Klementev <root@dumpstack.io>
@anthonyroussel Anthony Roussel <anthony@roussel.dev>
@vinetos vinetos <contact+git@vinetos.fr>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>

Untriaged

Permalink CVE-2012-1572

created 1 month, 4 weeks ago

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting …

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space

References

https://security-tracker.debian.org/tracker/CVE-2012-1572 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1572 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 x_transferredx_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1572 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1572 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 x_transferredx_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1572 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1572 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 x_transferredx_refsource_MISC

Affected products

Keystone

==2014.1.3

Matching in nixpkgs

pkgs.keystone

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2
nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.rubyPackages.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.python312Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-25.11 keystoneauth1-5.12.0
- nixos-25.11-small keystoneauth1-5.12.0
- nixpkgs-25.11-darwin keystoneauth1-5.12.0

pkgs.python313Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-unstable keystoneauth1-5.13.0
- nixpkgs-unstable keystoneauth1-5.13.0
- nixos-unstable-small keystoneauth1-5.13.0
nixos-25.11 keystoneauth1-5.12.0
- nixos-25.11-small keystoneauth1-5.12.0
- nixpkgs-25.11-darwin keystoneauth1-5.12.0

pkgs.python314Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-unstable keystoneauth1-5.13.0
- nixpkgs-unstable keystoneauth1-5.13.0
- nixos-unstable-small keystoneauth1-5.13.0

pkgs.rubyPackages_3_1.keystone-engine

None

pkgs.rubyPackages_3_2.keystone-engine

None

pkgs.rubyPackages_3_3.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.rubyPackages_3_4.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.rubyPackages_4_0.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.python312Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.python313Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2
nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.python314Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2

pkgs.python312Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-25.11 5.7.0
- nixos-25.11-small 5.7.0
- nixpkgs-25.11-darwin 5.7.0

pkgs.python313Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-unstable 5.7.0
- nixpkgs-unstable 5.7.0
- nixos-unstable-small 5.7.0
nixos-25.11 5.7.0
- nixos-25.11-small 5.7.0
- nixpkgs-25.11-darwin 5.7.0

pkgs.python314Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-unstable 5.7.0
- nixpkgs-unstable 5.7.0
- nixos-unstable-small 5.7.0

Package maintainers

@jollheef Mikhail Klementev <root@dumpstack.io>
@anthonyroussel Anthony Roussel <anthony@roussel.dev>
@vinetos vinetos <contact+git@vinetos.fr>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>

1