Latest redhat keycloak Vulnerabilities

Keycloak: open redirect via "form_post.jwt" jarm response mode
maven/org.keycloak:keycloak-parent<=23.0.3
Redhat Keycloak
Redhat Single Sign-on=7.0
redhat/keycloak<23.0.4
Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
pip/paramiko>=2.5.0<3.4.0
go/golang.org/x/crypto<0.17.0
rust/russh<0.40.2
Apple macOS Sonoma<14.4
redhat/PuTTY<0.80
redhat/AsyncSSH<2.14.1
and 128 more
Keycloak: offline session token dos
Redhat Keycloak<21.0.0
Redhat Single Sign-on=7.6
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Single Sign-on
and 11 more
Keycloak: redirect_uri validation bypass
maven/org.keycloak:keycloak-services<23.0.3
Redhat Keycloak<22.0.7
Redhat Single Sign-on
Redhat Openshift Container Platform=4.11
Redhat Openshift Container Platform=4.12
Redhat Openshift Container Platform For Ibm Z=4.9
and 12 more
Keycloak: reflected xss via wildcard in oidc redirect_uri
maven/org.keycloak:keycloak-services<23.0.3
Redhat Single Sign-on<7.6.6
Redhat Keycloak<22.0.7
Redhat Single Sign-on<7.6
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 11 more
Plaintext storage of user password
Redhat Keycloak=22.0.2
redhat/keycloak<22.0.3
Keycloak: oauth client impersonation
maven/org.keycloak:keycloak-services<21.1.2
Redhat Keycloak
Redhat Openshift Container Platform=4.9
Redhat Openshift Container Platform=4.10
Redhat Openshift Container Platform=4.11
Redhat Openshift Container Platform=4.12
and 5 more
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-5cc8-pgp5-7mpm. This link is maintained to preserve external references. Original Advisory: A flaw was found...
Redhat Keycloak
Redhat Single Sign-on=7.0
Redhat Build Of Quarkus
Redhat Jboss A-mq=7
Redhat Migration Toolkit For Runtimes
redhat/rh-sso7-keycloak<0:18.0.8-1.redhat_00001.1.el7
and 4 more
Keycloak's OpenID Connect user authentication was found to incorrectly authenticate requests. An authenticated attacker who could also obtain a certain piece of info from a user request, from a victim...
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
maven/org.keycloak:keycloak-services<21.0.1
Redhat Keycloak<18.0.6
Redhat Single Sign-on<7.6.2
and 10 more
A flaw was found in Keycloak. This flaw allows impersonation and lockout due to the email trust not being handled correctly in Keycloak. An attacker can shadow other users with the same email and lock...
maven/org.keycloak:keycloak-core<22.0.1
Redhat Keycloak
Redhat Single Sign-on=7.0
redhat/keycloak<22.0.1
AssertionConsumerServiceURL is a Java implementation for SAML Service Providers (org.keycloak.protocol.saml). Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Assertion...
Redhat Keycloak<21.1.2
Redhat Single Sign-on>=7.6<7.6.4
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Single Sign-on
and 7 more
Keycloak: reflected xss attack
Redhat Keycloak
Redhat Single Sign-on=7.6
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
and 3 more
Keycloak: session takeover with oidc offline refreshtokens
maven/org.keycloak:keycloak-parent<=19.0.2
Redhat Keycloak<20.0.2
Redhat Single Sign-on
Redhat Single Sign-on=7.6
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 15 more
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs...
Redhat Keycloak=20.0.2
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00002.1.el7
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00002.1.el8
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00002.1.el9
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitiv...
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
Redhat Keycloak
Redhat Single Sign-on=7.0
redhat/keycloak<20.0.3
A flaw was found in keycloak. The vulnerability allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled.
redhat/keycloak<19.0.2
redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el8
redhat/rh-sso7<0:1-5.el9
and 4 more
A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client...
Redhat Keycloak<18.0.0
An open redirection vulnerability (open redirect) exists in keycloak auth endpoint. URL can be mentioned as the value of redirect_uri query parameter and it successfully redirects to it. References: ...
Redhat Keycloak=18.0.0
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other a...
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
Redhat Keycloak<20.0.5
Redhat Single Sign-on
Redhat Single Sign-on>=7.6<7.6.2
and 32 more
Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though...
Redhat Keycloak<17.0.1
Redhat Single Sign-on=7.5.0
redhat/keycloak<17.0.1
maven/org.keycloak:keycloak-core<17.0.1
A flaw was found in Keycloak. This flaw allows a privileged attacker to use the malicious payload as the group name while creating a new group from the admin console, leading to a stored Cross-site sc...
redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el8
redhat/rh-sso7<0:1-5.el9
redhat/rh-sso7-javapackages-tools<0:6.0.0-7.el9
and 3 more
A flaw was found in Keycloak in versions from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even ...
Redhat Keycloak>=12.0.0<15.1.1
redhat/rh-sso7-keycloak<0:15.0.2-3.redhat_00002.1.el7
redhat/rh-sso7-keycloak<0:15.0.4-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:15.0.2-3.redhat_00002.1.el8
redhat/rh-sso7-keycloak<0:15.0.4-1.redhat_00001.1.el8
redhat/redhat-sso<7-sso75-openshift-rhel8
Keycloak: xss on impersonation under specific circumstances
maven/org.keycloak:keycloak-services<=21.0.0
Redhat Keycloak
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak.
Redhat Keycloak<17.0.0
redhat/keycloak<18.0.0
https://issues.redhat.com/browse/KEYCLOAK-19422 https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keyc...
Redhat Keycloak<15.1.0
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending...
redhat/keycloak-server-spi-private<18.0.0
redhat/rh-sso7-keycloak<0:15.0.4-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:15.0.4-1.redhat_00001.1.el8
redhat/redhat-sso<7-sso75-openshift-rhel8
Redhat Keycloak<18.0.0
Redhat Single Sign-on=7.0
and 6 more
keycloak allows the use of email as a username and doesn't check that an account with this email already exists. That could lead to the inability to reset/login with email for the user. This is caused...
Redhat Keycloak
Redhat Single Sign-on=7.0
A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less l...
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el6
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el7
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el8
Redhat Keycloak<15.1.0
Redhat Single Sign-on=7.0
Redhat Single Sign-on>=7.4<7.4.9
and 3 more
A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entere...
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el6
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el7
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el8
Redhat Keycloak<13.0.0
A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].
redhat/rh-sso7-keycloak<0:9.0.13-1.redhat_00006.1.el6
redhat/rh-sso7-keycloak<0:9.0.13-1.redhat_00006.1.el7
redhat/rh-sso7-keycloak<0:9.0.13-1.redhat_00006.1.el8
redhat/rh-sso7-keycloak<9.0.13
Redhat Keycloak=9.0.13
Redhat Single Sign-on=7.0
and 2 more
Re-authentication is missing while updating the password. This may cause account takeover if an attacker gets temporary physical access to a user's browser. https://issues.redhat.com/bro...
Redhat Keycloak=12.0.0
Redhat Single Sign-on=7.0
Attacker can attach malicious code using the referrer URL using the new account console. https://issues.redhat.com/browse/KEYCLOAK-17033
redhat/keycloak<13.0.0
Redhat Keycloak>=9.0.0<13.0.0
This particular vulnerability exists because on unix-like systems (not including MacOS) the system temporary directory is shared between all users. As such, failure to correctly set file permissions a...
redhat/keycloak<13.0.0
Redhat Keycloak<13.0.0
A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encode...
Redhat Keycloak<12.0.3
redhat/keycloak<13.0.0
A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest thr...
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el6
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el7
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el8
Redhat Keycloak=11.0.3
Redhat Keycloak=12.0.0
A flaw was found in keycloak-model-infinispan in keycloak versions before 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack.
Redhat Keycloak<14.0.0
Redhat Single Sign-on=7.0
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el6
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el7
redhat/rh-sso7-keycloak<0:9.0.15-1.redhat_00002.1.el8
A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be a...
Redhat Keycloak<13.0.0
Redhat Single Sign-on=7.0
redhat/keycloak<13.0.0
maven/org.keycloak:keycloak-core<13.0.0
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute...
redhat/keycloak<12.0.0
redhat/rh-sso7-keycloak<0:9.0.10-1.redhat_00001.1.el6
redhat/rh-sso7-keycloak<0:9.0.10-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:9.0.10-1.redhat_00001.1.el8
Redhat Keycloak<12.0.0
Redhat Single Sign-on
and 2 more
A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the fi...
Redhat Keycloak<12.0.0
It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user w...
redhat/keycloak<12.0.0
redhat/rh-sso7-keycloak<0:9.0.9-1.redhat_00001.1.el6
redhat/rh-sso7-keycloak<0:9.0.9-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:9.0.9-1.redhat_00001.1.el8
redhat/rh-sso7-libunix-dbus-java<0:0.8.0-2.el8
Redhat Keycloak<12.0.0
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the ...
redhat/rh-sso7-keycloak<0:9.0.12-1.redhat_00001.1.el6
redhat/rh-sso7-keycloak<0:9.0.12-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:9.0.12-1.redhat_00001.1.el8
Redhat Keycloak<13.0.0
A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. This flaw allows an attacker to perform a Cross-site scripting attack.
redhat/rh-sso7-keycloak<0:9.0.9-1.redhat_00001.1.el6
redhat/rh-sso7-keycloak<0:9.0.9-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:9.0.9-1.redhat_00001.1.el8
redhat/rh-sso7-libunix-dbus-java<0:0.8.0-2.el8
Redhat Keycloak<12.0.0
redhat/keycloak<12.0.0
and 2 more
A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parame...
Redhat Keycloak<12.0.2
redhat/keycloak<13.0.0
redhat/rh-sso7-keycloak<0:9.0.11-1.redhat_00001.1.el6
redhat/rh-sso7-keycloak<0:9.0.11-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:9.0.11-1.redhat_00001.1.el8
A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that...
redhat/keycloak<11.0.1
redhat/rh-sso7-keycloak<0:9.0.5-1.redhat_00001.1.el6
redhat/rh-sso7-keycloak<0:9.0.5-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:9.0.5-1.redhat_00001.1.el8
Redhat Keycloak<11.0.1
Redhat Openshift Application Runtimes
and 4 more
A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or furth...
Redhat Keycloak=10.0.1
Redhat Single Sign-on<7.4.1
A flaw was found in the Keycloak admin console, where the realm management interface permits a script to be set via the policy. This flaw allows an attacker with authenticated user and realm managemen...
Redhat Keycloak<8.0.0
A flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be set in the UMA policy. This flaw allows an authenticated attacker with UMA permissions to configure a...
Redhat Keycloak<8.0.0
maven/org.keycloak:keycloak-authz-client<8.0.0
A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. Versions shipped with Red Hat Fuse 7, Red Hat Single Sign-on 7, and Red Hat Openshift Appl...
Redhat Keycloak
Redhat Jboss Fuse=7.0.0
Redhat Openshift Application Runtimes
Redhat Single Sign-on=7.0
redhat/keycloak<18.0.0
A community-only flaw was found where a malicious user can register himself and then use the "remove devices" form to post different credential ids with the hope of removing MFA devices for other use...
Redhat Keycloak=8.0.2
Redhat Keycloak=9.0.0
maven/org.keycloak:keycloak-core<=9.0.1
A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a ma...
redhat/rh-sso7-keycloak<0:4.8.20-1.Final_redhat_00001.1.el6
redhat/rh-sso7-keycloak<0:4.8.20-1.Final_redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:4.8.20-1.Final_redhat_00001.1.el8
Redhat Keycloak<10.0.0
Redhat Openstack=10