{"id":"UBUNTU-CVE-2025-65073","details":"OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.","modified":"2026-05-20T16:11:28.038745228Z","published":"2025-11-04T15:00:00Z","related":["USN-7857-1","USN-7926-1"],"upstream":["CVE-2025-65073"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-65073"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2025-65073"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7857-1"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2025/11/04/2"},{"type":"REPORT","url":"https://security.openstack.org/ossa/OSSA-2025-002.html"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7926-1"}],"affected":[{"package":{"name":"heat","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/heat?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:5.0.0-0ubuntu1","1:6.0.0~b1-0ubuntu1","1:6.0.0~b2-0ubuntu1","1:6.0.0~b2-0ubuntu2","1:6.0.0~b3-0ubuntu1","1:6.0.0~rc1-0ubuntu1","1:6.0.0-0ubuntu1","1:6.0.0-0ubuntu1.1","1:6.1.0-0ubuntu1","1:6.1.1-0ubuntu1","1:6.1.2-0ubuntu1","1:6.1.2-0ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"heat-api","binary_version":"1:6.1.2-0ubuntu1.1"},{"binary_name":"heat-api-cfn","binary_version":"1:6.1.2-0ubuntu1.1"},{"binary_name":"heat-api-cloudwatch","binary_version":"1:6.1.2-0ubuntu1.1"},{"binary_name":"heat-common","binary_version":"1:6.1.2-0ubuntu1.1"},{"binary_name":"heat-engine","binary_version":"1:6.1.2-0ubuntu1.1"},{"binary_name":"python-heat","binary_version":"1:6.1.2-0ubuntu1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"keystone","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/keystone?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2:8.0.0-0ubuntu1","2:9.0.0~b1-0ubuntu1","2:9.0.0~b2-0ubuntu1","2:9.0.0~b3-0ubuntu1","2:9.0.0~rc1-0ubuntu1","2:9.0.0-0ubuntu1","2:9.0.2-0ubuntu1","2:9.0.2-0ubuntu2","2:9.1.0-0ubuntu1","2:9.2.0-0ubuntu1","2:9.3.0-0ubuntu1","2:9.3.0-0ubuntu2","2:9.3.0-0ubuntu3","2:9.3.0-0ubuntu3.1","2:9.3.0-0ubuntu3.2"],"ecosystem_specific":{"binaries":[{"binary_name":"keystone","binary_version":"2:9.3.0-0ubuntu3.2"},{"binary_name":"python-keystone","binary_version":"2:9.3.0-0ubuntu3.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"swift","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/swift?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.5.0-0ubuntu1","2.7.0-0ubuntu2","2.7.0-0ubuntu2.1","2.7.1-0ubuntu1","2.7.1-0ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_name":"python-swift","binary_version":"2.7.1-0ubuntu2"},{"binary_name":"swift","binary_version":"2.7.1-0ubuntu2"},{"binary_name":"swift-account","binary_version":"2.7.1-0ubuntu2"},{"binary_name":"swift-container","binary_version":"2.7.1-0ubuntu2"},{"binary_name":"swift-object","binary_version":"2.7.1-0ubuntu2"},{"binary_name":"swift-object-expirer","binary_version":"2.7.1-0ubuntu2"},{"binary_name":"swift-proxy","binary_version":"2.7.1-0ubuntu2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"heat","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/heat?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:9.0.0-0ubuntu1","1:10.0.0~b1-0ubuntu1","1:10.0.0~b2-0ubuntu1","1:10.0.0-0ubuntu1.1","1:10.0.1-0ubuntu1","1:10.0.1-0ubuntu2","1:10.0.2-0ubuntu1","1:10.0.2-0ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"heat-api","binary_version":"1:10.0.2-0ubuntu1.1"},{"binary_name":"heat-api-cfn","binary_version":"1:10.0.2-0ubuntu1.1"},{"binary_name":"heat-common","binary_version":"1:10.0.2-0ubuntu1.1"},{"binary_name":"heat-engine","binary_version":"1:10.0.2-0ubuntu1.1"},{"binary_name":"python-heat","binary_version":"1:10.0.2-0ubuntu1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"keystone","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/keystone?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2:12.0.0-0ubuntu1","2:13.0.0~b1-0ubuntu1","2:13.0.0~b2-0ubuntu1","2:13.0.0~b3-0ubuntu1","2:13.0.0~rc1-0ubuntu1","2:13.0.0~rc2-0ubuntu1","2:13.0.0-0ubuntu1","2:13.0.1-0ubuntu1","2:13.0.2-0ubuntu1","2:13.0.2-0ubuntu3","2:13.0.4-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"keystone","binary_version":"2:13.0.4-0ubuntu1"},{"binary_name":"python-keystone","binary_version":"2:13.0.4-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"swift","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/swift?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.15.1-0ubuntu3","2.16.0-0ubuntu1","2.16.0-0ubuntu2","2.17.0-0ubuntu1","2.17.1-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"python-swift","binary_version":"2.17.1-0ubuntu1"},{"binary_name":"swift","binary_version":"2.17.1-0ubuntu1"},{"binary_name":"swift-account","binary_version":"2.17.1-0ubuntu1"},{"binary_name":"swift-container","binary_version":"2.17.1-0ubuntu1"},{"binary_name":"swift-object","binary_version":"2.17.1-0ubuntu1"},{"binary_name":"swift-object-expirer","binary_version":"2.17.1-0ubuntu1"},{"binary_name":"swift-proxy","binary_version":"2.17.1-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"heat","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/heat?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:13.0.0-0ubuntu1","1:14.0.0~b1~git2019121613.7b606461e-0ubuntu1","1:14.0.0~b2~git2020021413.94bdcd8c9-0ubuntu2","1:14.0.0~b3~git2020032414.d8354d908-0ubuntu1","1:14.0.0~b3~git2020041012.2ef9f4bf3-0ubuntu1","1:14.0.0-0ubuntu0.20.04.1","1:14.1.0-0ubuntu1","1:14.2.0-0ubuntu1","1:14.2.0-0ubuntu1.1","1:14.2.0-0ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_name":"heat-api","binary_version":"1:14.2.0-0ubuntu2"},{"binary_name":"heat-api-cfn","binary_version":"1:14.2.0-0ubuntu2"},{"binary_name":"heat-common","binary_version":"1:14.2.0-0ubuntu2"},{"binary_name":"heat-engine","binary_version":"1:14.2.0-0ubuntu2"},{"binary_name":"python3-heat","binary_version":"1:14.2.0-0ubuntu2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"keystone","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/keystone?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2:16.0.0-0ubuntu1","2:17.0.0~b1~git2019121613.db81fee63-0ubuntu1","2:17.0.0~b2~git2020020513.99733f172-0ubuntu1","2:17.0.0~b3~git2020032415.9f9040257-0ubuntu1","2:17.0.0~b3~git2020032415.9f9040257-0ubuntu2","2:17.0.0~b3~git2020041013.7bb6314e4-0ubuntu1","2:17.0.0-0ubuntu0.20.04.1","2:17.0.1-0ubuntu1","2:17.0.1-0ubuntu2","2:17.0.1-0ubuntu2+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"keystone","binary_version":"2:17.0.1-0ubuntu2+esm1"},{"binary_name":"keystone-common","binary_version":"2:17.0.1-0ubuntu2+esm1"},{"binary_name":"python3-keystone","binary_version":"2:17.0.1-0ubuntu2+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"swift","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/swift?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.23.0-0ubuntu1","2.23.1-0ubuntu1","2.24.0~git2019121715.e890b0f0f-0ubuntu1","2.24.0-0ubuntu1","2.24.1~git2020032711.712bf3c9f-0ubuntu2","2.24.1~git2020041316.a495f1e32-0ubuntu1","2.25.0-0ubuntu0.20.04.1","2.25.1-0ubuntu1","2.25.2-0ubuntu1","2.25.2-0ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"python3-swift","binary_version":"2.25.2-0ubuntu1.1"},{"binary_name":"swift","binary_version":"2.25.2-0ubuntu1.1"},{"binary_name":"swift-account","binary_version":"2.25.2-0ubuntu1.1"},{"binary_name":"swift-container","binary_version":"2.25.2-0ubuntu1.1"},{"binary_name":"swift-object","binary_version":"2.25.2-0ubuntu1.1"},{"binary_name":"swift-object-expirer","binary_version":"2.25.2-0ubuntu1.1"},{"binary_name":"swift-proxy","binary_version":"2.25.2-0ubuntu1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"heat","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/heat?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:17.0.0-0ubuntu1","1:17.0.0+git2021120816.fe8fba8c9-0ubuntu2","1:17.0.0+git2022011216.9af3af156-0ubuntu1","1:17.0.0+git2022011216.9af3af156-0ubuntu3","1:17.0.1+git2022030311.968969b99-0ubuntu1","1:18.0.0-0ubuntu1","1:18.0.0-0ubuntu1.1","1:18.0.0-0ubuntu1.2","1:18.0.1-0ubuntu1","1:18.0.1-0ubuntu1.1","1:18.0.1-0ubuntu1.2","1:18.0.1-0ubuntu1.3"],"ecosystem_specific":{"binaries":[{"binary_name":"heat-api","binary_version":"1:18.0.1-0ubuntu1.3"},{"binary_name":"heat-api-cfn","binary_version":"1:18.0.1-0ubuntu1.3"},{"binary_name":"heat-common","binary_version":"1:18.0.1-0ubuntu1.3"},{"binary_name":"heat-engine","binary_version":"1:18.0.1-0ubuntu1.3"},{"binary_name":"python3-heat","binary_version":"1:18.0.1-0ubuntu1.3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"keystone","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/keystone?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:21.0.1-0ubuntu2.1"}]}],"versions":["2:20.0.0-0ubuntu1","2:20.0.0+git2021120815.2ddf8f321-0ubuntu1","2:20.0.0+git2022011217.771c943ad-0ubuntu1","2:20.0.0+git2022030313.a3fc9e7c3-0ubuntu1","2:21.0.0-0ubuntu1","2:21.0.1-0ubuntu1","2:21.0.1-0ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_name":"keystone","binary_version":"2:21.0.1-0ubuntu2.1"},{"binary_name":"keystone-common","binary_version":"2:21.0.1-0ubuntu2.1"},{"binary_name":"python3-keystone","binary_version":"2:21.0.1-0ubuntu2.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"swift","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/swift?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.29.2-0ubuntu1.1"}]}],"versions":["2.28.0+git2021090911.5d52afbe4-0ubuntu1","2.28.0+git2021120815.1859f2e16-0ubuntu1","2.28.0+git2021121320.876377435-0ubuntu1","2.28.0+git2022011309.32da73f5c-0ubuntu1","2.29.0+git2022030314.3ff3076ce-0ubuntu1","2.29.0+git2022030314.3ff3076ce-0ubuntu2","2.29.1-0ubuntu1","2.29.2-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"python3-swift","binary_version":"2.29.2-0ubuntu1.1"},{"binary_name":"swift","binary_version":"2.29.2-0ubuntu1.1"},{"binary_name":"swift-account","binary_version":"2.29.2-0ubuntu1.1"},{"binary_name":"swift-container","binary_version":"2.29.2-0ubuntu1.1"},{"binary_name":"swift-object","binary_version":"2.29.2-0ubuntu1.1"},{"binary_name":"swift-object-expirer","binary_version":"2.29.2-0ubuntu1.1"},{"binary_name":"swift-proxy","binary_version":"2.29.2-0ubuntu1.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"heat","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/heat?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:21.0.0-0ubuntu2","1:21.0.0-0ubuntu3","1:21.0.0+git2024011916.2df46d4c-0ubuntu1","1:22.0.0~rc1-0ubuntu1","1:22.0.0-0ubuntu1","1:22.0.0-0ubuntu2","1:22.0.1-0ubuntu1","1:22.0.1-0ubuntu1.1","1:22.0.1-0ubuntu1.2"],"ecosystem_specific":{"binaries":[{"binary_name":"heat-api","binary_version":"1:22.0.1-0ubuntu1.2"},{"binary_name":"heat-api-cfn","binary_version":"1:22.0.1-0ubuntu1.2"},{"binary_name":"heat-common","binary_version":"1:22.0.1-0ubuntu1.2"},{"binary_name":"heat-engine","binary_version":"1:22.0.1-0ubuntu1.2"},{"binary_name":"python3-heat","binary_version":"1:22.0.1-0ubuntu1.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"keystone","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/keystone?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:25.0.0-0ubuntu1.1"}]}],"versions":["2:24.0.0-0ubuntu1","2:24.0.0+git2024011916.adfa92b4-0ubuntu1","2:25.0.0~rc1-0ubuntu1","2:25.0.0-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"keystone","binary_version":"2:25.0.0-0ubuntu1.1"},{"binary_name":"keystone-common","binary_version":"2:25.0.0-0ubuntu1.1"},{"binary_name":"python3-keystone","binary_version":"2:25.0.0-0ubuntu1.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"swift","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/swift?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.33.0-0ubuntu1.1"}]}],"versions":["2.32.0+git2023090714.8ce961ed-0ubuntu1","2.32.0+git2024021508.3aba22fd-0ubuntu1","2.32.0+git2024030809.4135133a-0ubuntu1","2.33.0-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"python3-swift","binary_version":"2.33.0-0ubuntu1.1"},{"binary_name":"swift","binary_version":"2.33.0-0ubuntu1.1"},{"binary_name":"swift-account","binary_version":"2.33.0-0ubuntu1.1"},{"binary_name":"swift-container","binary_version":"2.33.0-0ubuntu1.1"},{"binary_name":"swift-object","binary_version":"2.33.0-0ubuntu1.1"},{"binary_name":"swift-object-expirer","binary_version":"2.33.0-0ubuntu1.1"},{"binary_name":"swift-proxy","binary_version":"2.33.0-0ubuntu1.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"heat","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/heat?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:24.0.0-0ubuntu1","1:25.0.0-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"heat-api","binary_version":"1:25.0.0-0ubuntu1"},{"binary_name":"heat-api-cfn","binary_version":"1:25.0.0-0ubuntu1"},{"binary_name":"heat-common","binary_version":"1:25.0.0-0ubuntu1"},{"binary_name":"heat-engine","binary_version":"1:25.0.0-0ubuntu1"},{"binary_name":"python3-heat","binary_version":"1:25.0.0-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"keystone","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/keystone?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:28.0.0-0ubuntu1.1"}]}],"versions":["2:27.0.0-0ubuntu1","2:27.0.0+git2025080113.e066e18ab-0ubuntu1","2:28.0.0~rc1-0ubuntu1","2:28.0.0-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"keystone","binary_version":"2:28.0.0-0ubuntu1.1"},{"binary_name":"keystone-common","binary_version":"2:28.0.0-0ubuntu1.1"},{"binary_name":"python3-keystone","binary_version":"2:28.0.0-0ubuntu1.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"swift","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/swift?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.36.0-0ubuntu1.1"}]}],"versions":["2.35.0-0ubuntu1","2.35.0+git2025070714.1428eb3b5-0ubuntu1","2.36.0-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"python3-swift","binary_version":"2.36.0-0ubuntu1.1"},{"binary_name":"swift","binary_version":"2.36.0-0ubuntu1.1"},{"binary_name":"swift-account","binary_version":"2.36.0-0ubuntu1.1"},{"binary_name":"swift-container","binary_version":"2.36.0-0ubuntu1.1"},{"binary_name":"swift-object","binary_version":"2.36.0-0ubuntu1.1"},{"binary_name":"swift-object-expirer","binary_version":"2.36.0-0ubuntu1.1"},{"binary_name":"swift-proxy","binary_version":"2.36.0-0ubuntu1.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"heat","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/heat?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:25.0.0-0ubuntu1","1:25.0.0+git20260124.b471f4a-0ubuntu1","1:26.0.0~rc1-0ubuntu1","1:26.0.0-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"heat-api","binary_version":"1:26.0.0-0ubuntu1"},{"binary_name":"heat-api-cfn","binary_version":"1:26.0.0-0ubuntu1"},{"binary_name":"heat-common","binary_version":"1:26.0.0-0ubuntu1"},{"binary_name":"heat-engine","binary_version":"1:26.0.0-0ubuntu1"},{"binary_name":"python3-heat","binary_version":"1:26.0.0-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"keystone","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/keystone?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:28.0.0-0ubuntu2"}]}],"versions":["2:28.0.0-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"keystone","binary_version":"2:28.0.0-0ubuntu2"},{"binary_name":"keystone-common","binary_version":"2:28.0.0-0ubuntu2"},{"binary_name":"python3-keystone","binary_version":"2:28.0.0-0ubuntu2"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}},{"package":{"name":"swift","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/swift?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.36.0-0ubuntu1","2.37.0-0ubuntu1","2.37.1-0ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_name":"python3-swift","binary_version":"2.37.1-0ubuntu2"},{"binary_name":"swift","binary_version":"2.37.1-0ubuntu2"},{"binary_name":"swift-account","binary_version":"2.37.1-0ubuntu2"},{"binary_name":"swift-container","binary_version":"2.37.1-0ubuntu2"},{"binary_name":"swift-object","binary_version":"2.37.1-0ubuntu2"},{"binary_name":"swift-object-expirer","binary_version":"2.37.1-0ubuntu2"},{"binary_name":"swift-proxy","binary_version":"2.37.1-0ubuntu2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-65073.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]}