A vulnerability was found in Keycloak prior to 11.0.1 where a DoS attack is possible by sending twenty requests simultaneously to the specified Keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.
Vulnerable Product |
---|
redhat keycloak |
redhat openshift application runtimes - |
redhat openshift application runtimes 1.0 |
redhat single sign-on - |
redhat single sign-on 7.0 |
redhat single sign-on 7.4 |