Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

KeycloakA trusted client with long-lived JWT tokens can cause memory exhaustion in Keycloak due to unbounded…

medium
4
First published (updated )
REDHAT-BUG-2353868

KeycloakModerate: Red Hat build of Keycloak 26.0.10 Update

medium
4
First published (updated )
RHSA-2025:2545

KeycloakModerate: Red Hat build of Keycloak 26.0.10 Images Update

medium
4
First published (updated )
RHSA-2025:2544

maven/org.keycloak:keycloak-servicesKeycloak-services: improper authorization in keycloak organization mapper allows unauthorized organization claims

medium
5.4
First published (updated )
CVE-2025-1391

KeycloakThe issue arises because Keycloak does not perform an LDAP bind after a password reset, leading to p…

medium
4
First published (updated )
REDHAT-BUG-2338993

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KeycloakModerate: Red Hat build of Keycloak 26.0.8 Images Update

medium
4
First published (updated )
RHSA-2025:0299

KeycloakModerate: Red Hat build of Keycloak 26.0.8 Update

medium
4
First published (updated )
RHSA-2025:0300

KeycloakA potential Denial of Service (DoS) vulnerability has been identified in Keycloak, which could allow…

medium
4
First published (updated )
REDHAT-BUG-2328846

KeycloakThe env option `KC_CACHE_EMBEDDED_MTLS_ENABLED` does not work and the jgroups replication configura…

medium
4
First published (updated )
REDHAT-BUG-2324361

KeycloakA vulnerability was found in Keycloak-services package. If untrusted data is passed to the method (S…

medium
4
First published (updated )
REDHAT-BUG-2321214

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KeycloakIt is possible to configure Keycloak in such a manner that any application with a 'Valid Redirect UR…

medium
4
First published (updated )
REDHAT-BUG-2312511

KeycloakModerate: Red Hat build of Keycloak 22.0.12 Images Update

medium
4
First published (updated )
RHSA-2024:6500

KeycloakModerate: Red Hat build of Keycloak 22.0.12 Update

medium
4
First published (updated )
RHSA-2024:6501

KeycloakModerate: Red Hat build of Keycloak 24.0.7 Update

medium
4
First published (updated )
RHSA-2024:6503

KeycloakModerate: Red Hat build of Keycloak 24.0.7 Images Update

medium
4
First published (updated )
RHSA-2024:6502

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KeycloakModerate: Red Hat build of Keycloak 22.0.10 enhancement and security update

medium
4
First published (updated )
RHSA-2024:1867

KeycloakModerate: Red Hat build of Keycloak 22.0.8 images enhancement and security update

medium
4
First published (updated )
RHSA-2024:0100

KeycloakModerate: Red Hat build of Keycloak 22.0.8 enhancement and security update

medium
4
First published (updated )
RHSA-2024:0101

KeycloakA flaw was found in Keycloak. An active keycloak session can be hijacked by initiating a new authent…

medium
4
First published (updated )
REDHAT-BUG-2254375

KeycloakKeycloak does not correctly validate its client step-up authentication. A password-authed attacker c…

medium
4
First published (updated )
REDHAT-BUG-2221760

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KeycloakThis issue is the result of code found in the exception here: <a href="https://github.com/keycloak/k…

medium
4
First published (updated )
REDHAT-BUG-2031904

redhat/rh-sso7-keycloakKeycloak: xss on impersonation under specific circumstances

medium
6.4
First published (updated )
CVE-2022-1438

redhat/keycloakXSS

medium
6.1
First published (updated )
CVE-2021-20323

KeycloakPath Traversal

medium
4.3
First published (updated )
CVE-2021-3856

KeycloakAnyone can register a new device when there is no device registered for passwordless login for any u…

medium
4
First published (updated )
REDHAT-BUG-1978196

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KeycloakRe-authentication is missing while updating the password. This may cause account takeover if any att…

medium
4
First published (updated )
REDHAT-BUG-1933639

redhat/rh-sso7-keycloakInput Validation

medium
5.4
First published (updated )
CVE-2020-35509

KeycloakA vulnerability was found in keycloak, where on using lower case HTTP headers (via cURL) we can bypa…

medium
4
First published (updated )
REDHAT-BUG-1868591

redhat/rh-sso7-keycloakA flaw was found in Keycloak, where an external identity provider, after successful authentication, …

medium
4.9
First published (updated )
CVE-2020-14302

redhat/rh-sso7-keycloakXSS

medium
4.8
First published (updated )
CVE-2020-10776

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203