CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3856
https://notcve.org/view.php?id=CVE-2021-3856
ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available. ClassLoaderTheme y ClasspathThemeResourceProviderFactory permiten leer cualquier archivo disponible como recurso para el cargador de clases. Al enviar peticiones de recursos de temas con una ruta relativa desde un cliente HTTP externo, el cliente recibirá el contenido de archivos aleatorios si están disponibles. • https://access.redhat.com/security/cve/CVE-2021-3856 https://bugzilla.redhat.com/show_bug.cgi?id=2010164 https://github.com/keycloak/keycloak/commit/73f0474008e1bebd0733e62a22aceda9e5de6743 https://github.com/keycloak/keycloak/pull/8588 https://issues.redhat.com/browse/KEYCLOAK-19422 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2668 – keycloak: Uploading of SAML javascript protocol mapper scripts through the admin console
https://notcve.org/view.php?id=CVE-2022-2668
An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled Se ha detectado un problema en Keycloak que permite cargar Javascript arbitrario para el mapeador del protocolo SAML incluso si la función UPLOAD_SCRIPTS está deshabilitada A flaw was found in keycloak. The vulnerability allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled. • https://access.redhat.com/security/cve/CVE-2022-2668 https://bugzilla.redhat.com/show_bug.cgi?id=2115392 • CWE-440: Expected Behavior Violation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1245 – CVE-2022-1245 keycloak: Privilege escalation vulnerability on Token Exchange
https://notcve.org/view.php?id=CVE-2022-1245
A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services. Se ha encontrado un fallo de escalada de privilegios en la funcionalidad token exchange de keycloak. Una falta de autorización permite que una aplicación cliente que tenga un token de acceso válido pueda intercambiar tokens para cualquier cliente de destino pasando el client_id del mismo. • https://github.com/keycloak/keycloak/security/advisories/GHSA-75p6-52g3-rqc8 https://access.redhat.com/security/cve/CVE-2022-1245 https://bugzilla.redhat.com/show_bug.cgi?id=2071036 • CWE-639: Authorization Bypass Through User-Controlled Key CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-1466 – keycloak: Improper authorization for master realm
https://notcve.org/view.php?id=CVE-2022-1466
Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted. Debido a una autorización inapropiada, Red Hat Single Sign-On es vulnerable a que usuarios lleven a cabo acciones que no deberían estar autorizados a realizar. Era posible añadir usuarios al reino maestro aunque no sea concedido el permiso correspondiente A flaw was found in Keycloak. The Red Hat Single Sign-On allowed authed users to perform actions outside their permissions. • https://bugzilla.redhat.com/show_bug.cgi?id=2050228 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-076.txt https://www.syss.de/pentest-blog/fehlerhafte-autorisierung-bei-red-hat-single-sign-on-750ga-syss-2021-076 https://access.redhat.com/security/cve/CVE-2022-1466 • CWE-863: Incorrect Authorization CWE-1220: Insufficient Granularity of Access Control •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3CVE-2021-20323 – keycloak-services: POST based reflected Cross Site Scripting vulnerability
https://notcve.org/view.php?id=CVE-2021-20323
A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. Se ha identificado una vulnerabilidad de tipo Cross Site Scripting reflejado basada en POST en Keycloak A flaw has been found in Keycloak. The clients-registrations endpoint allows execution of javascript code on the client-side, which makes it vulnerable to a Cross-Site Scripting attack. • https://github.com/ndmalc/CVE-2021-20323 https://github.com/Cappricio-Securities/CVE-2021-20323 https://github.com/cscpwn0sec/CVE-2021-20323 https://bugzilla.redhat.com/show_bug.cgi?id=2013577 https://access.redhat.com/security/cve/CVE-2021-20323 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •