CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2021-3690 – undertow: buffer leak on incoming websocket PONG message may lead to DoS
https://notcve.org/view.php?id=CVE-2021-3690
19 Aug 2021 — A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability. Se ha encontrado un fallo en Undertow. • https://access.redhat.com/security/cve/CVE-2021-3690 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3461 – keycloak: Backchannel logout not working when Principal Type is set to Attribute Name for external SAML IDP
https://notcve.org/view.php?id=CVE-2021-3461
20 May 2021 — A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name]. Se ha encontrado un fallo en keycloak por el que keycloak puede fallar al cerrar la sesión del usuario si la petición de cierre de sesión proviene de un proveedor de identidad SAML externo y el tipo de principal está configurado como atributo [nombre] Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak... • https://bugzilla.redhat.com/show_bug.cgi?id=1941565 • CWE-613: Insufficient Session Expiration •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3424 – keycloak: Internationalized domain name (IDN) homograph attack to impersonate users
https://notcve.org/view.php?id=CVE-2021-3424
20 May 2021 — A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to grant him extra privileges. Se ha encontrado un fallo en keycloak, tal y como es enviado en Red Hat Single Sign-On versión 7.4, en el que son posibles los ataques de homografía IDN. Un usuario malicioso puede registrarse con un nombre ya registrado y engañar al administrador para que le conceda privilegios adic... • https://bugzilla.redhat.com/show_bug.cgi?id=1933320 • CWE-287: Improper Authentication •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14341
https://notcve.org/view.php?id=CVE-2020-14341
12 Jan 2021 — The "Test Connection" available in v7.x of the Red Hat Single Sign On application console can permit an authorized user to cause SMTP connections to be attempted to arbitrary hosts and ports of the user's choosing, and originating from the RHSSO installation. By observing differences in the timings of these scans, an attacker may glean information about hosts and ports which they do not have access to scan directly. La "Test Connection" disponible en la versión v7.x de la consola de la aplicación Red Hat Si... • https://bugzilla.redhat.com/show_bug.cgi?id=1860138 • CWE-385: Covert Timing Channel •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10695 – containers/redhat-sso-7: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2020-10695
16 Dec 2020 — An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges. Se encontró un fallo de modificación no segura del archivo /etc/passwd en el contenedor redhat-sso-7. Un atacante con acceso al contenedor puede usar este fallo para modificar el archivo /etc/passwd y escalar sus privilegios Red Hat Single Sign-On is an integrated sign-on solution, available as ... • https://bugzilla.redhat.com/show_bug.cgi?id=1817530 • CWE-266: Incorrect Privilege Assignment •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27826 – keycloak: Account REST API can update user metadata attributes
https://notcve.org/view.php?id=CVE-2020-27826
16 Dec 2020 — A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application. Se encontró un fallo en Keycloak versiones anteriores a 12.0.0, donde es posible actualizar los atributos de metadatos del usuario usando la API REST de la cuenta. Este fallo permite a un atacante cambiar su propio atributo NameID para hacerse ... • https://bugzilla.redhat.com/show_bug.cgi?id=1905089 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10758 – keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body
https://notcve.org/view.php?id=CVE-2020-10758
19 Aug 2020 — A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body. Se encontró una vulnerabilidad en Keycloak versiones anteriores a 11.0.1, donde el ataque de DoS es posible mediante el envío de veinte peticiones simultáneamente hacia el servidor de keycloak especificado, todas con un valor de encabezado Content-Length que e... • https://bugzilla.redhat.com/show_bug.cgi?id=1843849 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.8EPSS: 0%CPEs: 13EXPL: 0CVE-2020-10687 – Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests
https://notcve.org/view.php?id=CVE-2020-10687
17 Aug 2020 — A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. Se detectó un fallo en todas las versiones de Undertow versiones anteriores a Undertow 2.2.0.Final, donde el tráfico malicioso de peticiones... • https://bugzilla.redhat.com/show_bug.cgi?id=1785049 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10748 – keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697)
https://notcve.org/view.php?id=CVE-2020-10748
02 Jul 2020 — A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. Se encontró un fallo en el filtro de datos de Keycloak, en versión 10.0.1, donde permitía el procesamiento de las URL de datos en algunas circunstancias. Este fallo permite a un atacante conducir ataques de tipo cross-site scripting o mas ataques A flaw was found in Keycloak's data filter, where it ... • https://bugzilla.redhat.com/show_bug.cgi?id=1836786 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 1%CPEs: 27EXPL: 1CVE-2019-14900 – hibernate: SQL injection issue in Hibernate ORM
https://notcve.org/view.php?id=CVE-2019-14900
12 May 2020 — A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. Se encontró un fallo en Hibernate ORM en versiones anteriores a 5.3.18, 5.4.18 y 5.5.0.Beta1. Una inyección SQL en la implementación de la API JPA Criteria pu... • https://github.com/shanika04/hibernate-orm • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •