CVE-2026-22797

Publication date 19 January 2026

Last updated 3 February 2026


Ubuntu priority

CVSS 3 severity score

9.9 · Critical

Description

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id, an authenticated attacker may escalate privileges or impersonate other users. All deployments using the external_oauth2_token middleware are affected.
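The defect described above is a trust-boundary failure: the identity headers that an auth middleware sets for downstream services (X-User-Id, X-Roles, X-Is-Admin-Project, and so on) are also plain HTTP headers that any client can send, so an auth filter must drop whatever the client supplied before it decides what to emit. The following is an added example, not code from keystonemiddleware or the fix commit: a small WSGI filter that strips the inbound identity headers from the request environment, validates the bearer token through a caller-supplied function, and only then writes the confirmed identity. The header list, the `validate_token` callback, and the token and user values are all constructed for the example.

```python
"""Added example (not keystonemiddleware code): strip client-supplied identity
headers before a token-based auth step, so forged headers never reach the
service behind the filter."""
from typing import Callable, Dict, List, Optional

# Headers that downstream services trust. Assumed list for this example; a
# real deployment takes it from the auth middleware it fronts.
TRUSTED_IDENTITY_HEADERS = (
    "X-Is-Admin-Project",
    "X-Roles",
    "X-User-Id",
    "X-Project-Id",
    "X-Identity-Status",
)


def _to_environ_key(header: str) -> str:
    # WSGI stores "X-User-Id" as "HTTP_X_USER_ID"; case and dash/underscore
    # variants collapse onto the same key, so matching here is exhaustive.
    return "HTTP_" + header.upper().replace("-", "_")


def strip_identity_headers(environ: dict) -> List[str]:
    """Remove every trusted identity header from a WSGI environ in place.
    Returns the names of the headers that were present and removed."""
    stripped = []
    for header in TRUSTED_IDENTITY_HEADERS:
        key = _to_environ_key(header)
        if key in environ:
            del environ[key]
            stripped.append(header)
    return stripped


class IdentityHeaderFilter:
    """WSGI filter: sanitize first, validate the token, then set identity."""

    def __init__(self, app: Callable, validate_token: Callable[[str], Optional[Dict]]):
        self.app = app
        self.validate_token = validate_token  # assumed: returns dict or None

    def __call__(self, environ, start_response):
        # 1. Drop anything the client tried to assert about its own identity.
        strip_identity_headers(environ)
        # 2. Decide identity only from the validated token.
        identity = self.validate_token(environ.get("HTTP_AUTHORIZATION", ""))
        if identity is None:
            environ["HTTP_X_IDENTITY_STATUS"] = "Invalid"
        else:
            environ["HTTP_X_IDENTITY_STATUS"] = "Confirmed"
            environ["HTTP_X_USER_ID"] = identity["user_id"]
            environ["HTTP_X_ROLES"] = ",".join(identity["roles"])
            environ["HTTP_X_IS_ADMIN_PROJECT"] = "True" if identity["admin_project"] else "False"
        # 3. Only now hand the request to the protected application.
        return self.app(environ, start_response)


def run_demo() -> Dict[str, Optional[str]]:
    """Send a constructed request carrying forged identity headers through the
    filter and return the identity headers the downstream app actually saw."""
    seen: Dict[str, Optional[str]] = {}

    def downstream(environ, start_response):
        for header in TRUSTED_IDENTITY_HEADERS:
            seen[header] = environ.get(_to_environ_key(header))
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"ok"]

    def validate_token(auth_header: str) -> Optional[Dict]:
        # Constructed stand-in for real token introspection.
        if auth_header == "Bearer demo-token-0001":
            return {"user_id": "user-1234", "roles": ["member"], "admin_project": False}
        return None

    # Constructed request: a valid non-admin token plus forged admin headers.
    environ = {
        "REQUEST_METHOD": "GET",
        "PATH_INFO": "/v3/users",
        "HTTP_AUTHORIZATION": "Bearer demo-token-0001",
        "HTTP_X_IS_ADMIN_PROJECT": "True",   # forged
        "HTTP_X_ROLES": "admin",             # forged
        "HTTP_X_USER_ID": "user-0000",       # forged
    }
    app = IdentityHeaderFilter(downstream, validate_token)
    list(app(environ, lambda status, headers: None))
    return seen


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The check a reviewer wants is the ordering in `__call__`: the strip happens unconditionally before any token is examined, so a request with a bad or missing token ends up with X-Identity-Status set to Invalid and none of the forged values, rather than passing them through untouched.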


Status

Package                    Ubuntu Release     Status
python-keystonemiddleware  25.10 questing     Fixed 10.12.0-0ubuntu1.1
                           24.04 LTS noble    Fixed 10.6.0-0ubuntu1.1
                           22.04 LTS jammy    Not affected
                           20.04 LTS focal    Not affected
                           18.04 LTS bionic   Not affected
                           16.04 LTS xenial   Not affected

Notes


mdeslaur

Introduced in 10.5.0 with: https://github.com/openstack/keystonemiddleware/commit/de15a610e160defb367b224258498727384d10a8

Patch details

For informational purposes only. We recommend not to cherry-pick updates.

Package                    Patch details
python-keystonemiddleware

Severity score breakdown

Parameter              Value
Base score             9.9 · Critical
Attack vector          Network
Attack complexity      Low
Privileges required    Low
User interaction       None
Scope                  Changed
Confidentiality impact High
Integrity impact       High
Availability impact    Low
Vector                 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L