VDB
KO

PYSEC-2026-934

OpenStack Object Storage (Swift) Sensitive Data Exposure

Details

OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / swift
Introduced in: 0 Fixed in: 2.4.0
Fix pip install --upgrade 'swift>=2.4.0'

References