Recently modified high severity vulnerabilities for "red hat single sign-on"

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

high

7.5

Exploited

Zeroday

First published (updated )

CVE-2023-44487

Red Hat OpenShift Container PlatformKeycloak: redirect_uri validation bypass

high

7.1

First published (updated )

CVE-2023-6291

redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2

high

8.1

First published (updated )

CVE-2021-4104

maven/org.keycloak:keycloak-coreKeycloak: amount of attributes per object is not limited and it may lead to dos

high

7.5

First published (updated )

CVE-2023-6841

Red Hat Single Sign-OnKeycloak: offline session token dos

high

7.7

EPSS

0.09%

First published (updated )

CVE-2023-6563

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

maven/io.undertow:undertow-coreUndertow: improper state management in proxy protocol parsing causes information leakage

high

7.5

EPSS

0.10%

First published (updated )

CVE-2024-7885

redhat/eap7-wildflyThere was a vulnerability found in wildfly, where incorrect JBOSS_LOCAL_USER challenge location whe…

high

7.8

First published (updated )

CVE-2021-3717

Red Hat OpenShift Container PlatformUndertow: outofmemoryerror due to @multipartconfig handling

high

7.5

First published (updated )

CVE-2023-3223

Red Hat OpenShift Container PlatformUndertow: infinite loop in sslconduit during close

high

7.5

First published (updated )

CVE-2023-1108

redhat/eap7-undertowA flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made…

high

7.5

First published (updated )

CVE-2021-3859

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Riverbed SteelApp Traffic ManagerSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service

high

7.8

First published (updated )

CVE-2019-9514

Riverbed SteelApp Traffic ManagerSome HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service

high

7.8

First published (updated )

CVE-2019-9515

maven/org.keycloak:keycloak-servicesWildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters

high

8.1

EPSS

0.24%

First published (updated )

CVE-2024-7341

JBoss Enterprise Application PlatformUndertow: ajp request closes connection exceeding maxrequestsize

high

7.5

First published (updated )

CVE-2023-5379

redhat/eap7-undertowA flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memor…

high

7.5

First published (updated )

CVE-2021-3690

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

redhat/KeycloakCSRF

high

7.5

First published (updated )

CVE-2017-12159

redhat/eap7-apache-cxfA vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the…

high

7.5

First published (updated )

CVE-2019-14888

redhat/eap7-apache-cxfInput Validation, Infoleak

high

8.1

First published (updated )

CVE-2020-1757

redhat/eap7-elytron-webThe issue appears to be that EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as…

high

7.5

First published (updated )

CVE-2020-1710

redhat/eap7-glassfish-jsfA vulnerability was found in Infinispan before version 10.0.0 Final. The invokeAccessibly method fro…

high

8.8

First published (updated )

CVE-2019-10174

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Red Hat KeycloakA flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation…

high

8.1

First published (updated )

CVE-2018-14657

redhat/jackson-databindAn issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When De…

high

8.1

First published (updated )

CVE-2018-12023

Red Hat Single Sign-OnIt was found that Keycloak's SAML broker did not verify missing message signatures. If an attacker m…

high

8.1

First published (updated )

CVE-2019-10201

JBoss Enterprise Application PlatformAn information leak issue was found in undertow where web apps may have their directory structures p…

high

7.5

First published (updated )

CVE-2019-10184

redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes a…

high

7.5

First published (updated )

CVE-2020-25644

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

redhat/redhat-ssoAn insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An at…

high

7.8

First published (updated )

CVE-2020-10695

maven/org.keycloak:keycloak-commonInput Validation

high

8.8

First published (updated )

CVE-2020-1714

redhat/rh-sso7-keycloakA flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or …

high

7.5

First published (updated )

CVE-2021-3632

redhat/rh-sso7-keycloakA flaw was found in keycloak-model-infinispan where the authenticationSessions map in RootAuthentica…

high

7.5

First published (updated )

CVE-2021-3637

redhat/rh-sso7-keycloakA flaw was found in keycloak where keycloak may fail to logout user session if the logout request co…

high

7.1

First published (updated )

CVE-2021-3461

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Trending

Versions

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

Red Hat OpenShift Container PlatformKeycloak: redirect_uri validation bypass

redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2

maven/org.keycloak:keycloak-coreKeycloak: amount of attributes per object is not limited and it may lead to dos

Red Hat Single Sign-OnKeycloak: offline session token dos

Never miss a vulnerability like this again

maven/io.undertow:undertow-coreUndertow: improper state management in proxy protocol parsing causes information leakage

redhat/eap7-wildflyThere was a vulnerability found in wildfly, where incorrect JBOSS_LOCAL_USER challenge location whe…

Red Hat OpenShift Container PlatformUndertow: outofmemoryerror due to @multipartconfig handling

Red Hat OpenShift Container PlatformUndertow: infinite loop in sslconduit during close

redhat/eap7-undertowA flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made…

Never miss a vulnerability like this again

Riverbed SteelApp Traffic ManagerSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service

Riverbed SteelApp Traffic ManagerSome HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service

maven/org.keycloak:keycloak-servicesWildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters

JBoss Enterprise Application PlatformUndertow: ajp request closes connection exceeding maxrequestsize

redhat/eap7-undertowA flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memor…

Never miss a vulnerability like this again

redhat/KeycloakCSRF

redhat/eap7-apache-cxfA vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the…

redhat/eap7-apache-cxfInput Validation, Infoleak

redhat/eap7-elytron-webThe issue appears to be that EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as…

redhat/eap7-glassfish-jsfA vulnerability was found in Infinispan before version 10.0.0 Final. The invokeAccessibly method fro…

Never miss a vulnerability like this again

Red Hat KeycloakA flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation…

redhat/jackson-databindAn issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When De…

Red Hat Single Sign-OnIt was found that Keycloak's SAML broker did not verify missing message signatures. If an attacker m…

JBoss Enterprise Application PlatformAn information leak issue was found in undertow where web apps may have their directory structures p…

redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes a…

Never miss a vulnerability like this again

redhat/redhat-ssoAn insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An at…

maven/org.keycloak:keycloak-commonInput Validation

redhat/rh-sso7-keycloakA flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or …

redhat/rh-sso7-keycloakA flaw was found in keycloak-model-infinispan where the authenticationSessions map in RootAuthentica…

redhat/rh-sso7-keycloakA flaw was found in keycloak where keycloak may fail to logout user session if the logout request co…

Never miss a vulnerability like this again

Company

Resources

Contact