Published: 22/06/2020 Updated: 07/11/2023

CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8

CVSS v3 Base Score: 5.4 | Impact Score: 2.5 | Exploitability Score: 2.8

VMScore: 490

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

A vulnerability was found in Keycloak prior to 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat keycloak

Synopsis Important: Red Hat build of Thorntail 270 security and bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat build of ThorntailRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...

Synopsis Important: Red Hat support for Spring Boot 226 security and bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Application RuntimesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulne ...

Synopsis Moderate: Red Hat Single Sign-On 740 security update Type/Severity Security Advisory: Moderate Topic A security update is now available for Red Hat Single Sign-On 74 from the Customer PortalRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerab ...

CWE-20 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1727 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:2905

CVE-2020-1727

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect