Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat keycloak 9.0.0 vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2020-10686
A flaw was found in Keycloak version 8.0.2 and 9.0.0, and was fixed in Keycloak version 9.0.1, where a malicious user registers as oneself. The attacker could then use the remove devices form to post different credential IDs and possibly remove MFA devices for other users.
Redhat Keycloak 9.0.0
Redhat Keycloak 8.0.2
5.5
CVSSv3
CVE-2020-1698
A flaw was found in keycloak in versions prior to 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.
Redhat Keycloak
5.4
CVSSv3
CVE-2020-1697
It was found in all keycloak versions prior to 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authed malicious user could create URLs to trick users in other realms, and possibly...
Redhat Keycloak
Redhat Single Sign-on 7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started