Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

KeycloakA potential security flaw in the "checkLoginIframe" which allows unvalidated cross-origin messages, …

high
7
First published (updated )
REDHAT-BUG-2262918

KeycloakDeployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS en…

high
7
First published (updated )
REDHAT-BUG-2319217

KeycloakAn issue was found in the redirect_uri validation logic that allows for a bypass of otherwise explic…

high
7
First published (updated )
REDHAT-BUG-2251407

KeycloakThe SAML signature validation method in Keycloak uses the position of the signature within the XML d…

high
7
First published (updated )
REDHAT-BUG-2311641

maven/org.keycloak:keycloak-corePlaintext storage of user password

high
8.8
First published (updated )
CVE-2023-4918

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KeycloakImportant: Red Hat build of Keycloak 26.0.6 Images Update

high
7
First published (updated )
RHSA-2024:10177

KeycloakImportant: Red Hat build of Keycloak 24.0.9 Images Update

high
7
First published (updated )
RHSA-2024:10175

KeycloakImportant: Red Hat build of Keycloak 26.0.6 Update

high
7
First published (updated )
RHSA-2024:10178

KeycloakImportant: Red Hat build of Keycloak 24.0.9 Update

high
7
First published (updated )
RHSA-2024:10176

KeycloakUsers with low privileges (just plain users in the realm) are able to utilize administrative functio…

high
7
First published (updated )
REDHAT-BUG-2274403

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KeycloakImportant: Red Hat build of Keycloak 22.0.13 Update

high
7
First published (updated )
RHSA-2024:6888

KeycloakImportant: Red Hat build of Keycloak 24.0.8 Images Update

high
7
First published (updated )
RHSA-2024:6889

KeycloakImportant: Red Hat build of Keycloak 22.0.13 Images Update

high
7
First published (updated )
RHSA-2024:6887

KeycloakImportant: Red Hat build of Keycloak 24.0.8 Update

high
7
First published (updated )
RHSA-2024:6890

KeycloakIt was found that the keycloak before 2.3.0 did not implement authentication flow correctly. An atta…

high
8.1
First published (updated )
CVE-2016-8609

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

pip/keycloak-httpd-client-installInfoleak

high
7.8
First published (updated )
CVE-2017-15112

KeycloakIt was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the midd…

high
7.5
First published (updated )
CVE-2017-2646

redhat/KeycloakA flaw was found in JBOSS Keycloak. The SAML broker consumer endpoint ignores expiration conditions …

high
8.1
First published (updated )
CVE-2018-14637

redhat/rh-sso7-keycloakKeycloak permits some access to a user in one realm from a user logged into another. An attacker cou…

high
7.5
First published (updated )
CVE-2019-14832

redhat/keycloakCSRF

high
8.8
First published (updated )
CVE-2019-10199

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

maven/org.keycloak:keycloak-authz-clientA flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be s…

high
7.2
First published (updated )
CVE-2019-10169

KeycloakA flaw was found in the Keycloak admin console, where the realm management interface permits a scrip…

high
7.2
First published (updated )
CVE-2019-10170

redhat/rh-sso7-keycloakIt was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to …

high
8.1
First published (updated )
CVE-2020-14389

KeycloakPath Traversal

high
7.5
First published (updated )
CVE-2020-14366

redhat/keycloakXSS, Input Validation

high
7.5
First published (updated )
CVE-2021-20222

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/keycloakA flaw was found in keycloak. Directories can be created prior to the Java process creating them in …

high
7.3
First published (updated )
CVE-2021-20202

redhat/rh-sso7-keycloakA flaw was found in keycloak where a brute force attack is possible even when the permanent lockout …

high
7.5
First published (updated )
CVE-2021-3513

Keycloakkeycloak 18.0.0: open redirect in auth endpoint via the redirect_uri parameter.

high
7.4
First published (updated )
CVE-2022-1970

KeycloakImportant: Red Hat build of Keycloak security update

high
7
First published (updated )
RHSA-2024:1868

KeycloakImportant: Red Hat build of Keycloak 22.0.7 images enhancement and security update

high
7
First published (updated )
RHSA-2023:7861

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203