Filtered by vendor Redhat
Subscriptions
Filtered by product Keycloak
Subscriptions
Total
86 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-20202 | 1 Redhat | 1 Keycloak | 2024-08-03 | 7.3 High |
| A flaw was found in keycloak. Directories can be created prior to the Java process creating them in the temporary directory, but with wider user permissions, allowing the attacker to have access to the contents that keycloak stores in this directory. The highest threat from this vulnerability is to data confidentiality and integrity. | ||||
| CVE-2021-4133 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Rhosemc | 2024-08-03 | 8.8 High |
| A flaw was found in Keycloak in versions from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even when new user registration is disabled. | ||||
| CVE-2021-3856 | 1 Redhat | 2 Keycloak, Red Hat Single Sign On | 2024-08-03 | 4.3 Medium |
| ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available. | ||||
| CVE-2021-3827 | 1 Redhat | 6 Enterprise Linux, Keycloak, Openshift Container Platform and 3 more | 2024-08-03 | 6.8 Medium |
| A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity. | ||||
| CVE-2021-3754 | 1 Redhat | 2 Keycloak, Single Sign-on | 2024-08-03 | 5.3 Medium |
| A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. This may cause trouble in getting password recovery email in case the user forgets the password. | ||||
| CVE-2021-3637 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Single Sign-on | 2024-08-03 | 7.5 High |
| A flaw was found in keycloak-model-infinispan in keycloak versions before 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack. | ||||
| CVE-2021-3632 | 1 Redhat | 4 Enterprise Linux, Keycloak, Red Hat Single Sign On and 1 more | 2024-08-03 | 7.5 High |
| A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow. | ||||
| CVE-2021-3513 | 1 Redhat | 2 Keycloak, Red Hat Single Sign On | 2024-08-03 | 7.5 High |
| A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality. | ||||
| CVE-2021-3461 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Single Sign-on | 2024-08-03 | 7.1 High |
| A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name]. | ||||
| CVE-2022-4361 | 1 Redhat | 8 Enterprise Linux, Keycloak, Openshift Container Platform and 5 more | 2024-08-03 | 10 Critical |
| Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri. | ||||
| CVE-2022-4137 | 1 Redhat | 4 Enterprise Linux, Keycloak, Red Hat Single Sign On and 1 more | 2024-08-03 | 8.1 High |
| A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker. | ||||
| CVE-2022-3916 | 1 Redhat | 9 Enterprise Linux, Keycloak, Openshift Container Platform and 6 more | 2024-08-03 | 6.8 Medium |
| A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user. | ||||
| CVE-2022-3782 | 1 Redhat | 8 Amq Broker, Jboss Enterprise Bpms Platform, Keycloak and 5 more | 2024-08-03 | 9.1 Critical |
| keycloak: path traversal via double URL encoding. A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field. | ||||
| CVE-2022-2668 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Single Sign-on | 2024-08-03 | 7.2 High |
| An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled | ||||
| CVE-2022-1466 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Single Sign-on | 2024-08-03 | 6.5 Medium |
| Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted. | ||||
| CVE-2022-1438 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Rhosemc | 2024-08-03 | 6.4 Medium |
| A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability. | ||||
| CVE-2022-1245 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Rhosemc | 2024-08-02 | 9.8 Critical |
| A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services. | ||||
| CVE-2022-1274 | 1 Redhat | 10 Enterprise Linux, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Ibm Z Systems Eus and 7 more | 2024-08-02 | 5.4 Medium |
| A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users. | ||||
| CVE-2022-0225 | 1 Redhat | 3 Keycloak, Red Hat Single Sign On, Single Sign-on | 2024-08-02 | 5.4 Medium |
| A flaw was found in Keycloak. This flaw allows a privileged attacker to use the malicious payload as the group name while creating a new group from the admin console, leading to a stored Cross-site scripting (XSS) attack. | ||||
| CVE-2023-48795 | 43 9bis, Apache, Apple and 40 more | 78 Kitty, Sshd, Sshj and 75 more | 2024-08-02 | 5.9 Medium |
| The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust. | ||||