CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-58712 – Amq: privilege escalation via excessive /etc/passwd permissions
https://notcve.org/view.php?id=CVE-2025-58712
09 Oct 2025 — A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the... • https://access.redhat.com/errata/RHSA-2025:17562 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 49EXPL: 0CVE-2025-6020 – Linux-pam: linux-pam directory traversal
https://notcve.org/view.php?id=CVE-2025-6020
17 Jun 2025 — A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. An update for pam is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a traversal vulner... • https://access.redhat.com/security/cve/CVE-2025-6020 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-4057 – Activemq-artemis-operator: amq broker operator starting credentials reuse
https://notcve.org/view.php?id=CVE-2025-4057
26 May 2025 — A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies. Se detectó una falla en ActiveMQ Artemis. La contraseña generada por activemq-artemis-operator no se regenera entre dependencias CR separadas. This is the multiarch release of the AMQ Broker 7.13.0 aligned Operator and associated container images on Red Hat Enterprise Linux 9 for the OpenShift Container Platform. • https://access.redhat.com/security/cve/CVE-2025-4057 • CWE-1391: Use of Weak Credentials •
CVSS: 6.8EPSS: 6%CPEs: 11EXPL: 0CVE-2024-8883 – Keycloak: vulnerable redirect uri validation results in open redirec
https://notcve.org/view.php?id=CVE-2024-8883
19 Sep 2024 — A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking. A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common V... • https://access.redhat.com/security/cve/CVE-2024-8883 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.7EPSS: 81%CPEs: 6EXPL: 1CVE-2024-8698 – Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak
https://notcve.org/view.php?id=CVE-2024-8698
19 Sep 2024 — A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks. New images ... • https://github.com/huydoppaz/CVE-2024-8698-POC • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.1EPSS: 2%CPEs: 8EXPL: 0CVE-2024-7341 – Wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters
https://notcve.org/view.php?id=CVE-2024-7341
09 Sep 2024 — A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authentication to trigger session fixation. • https://access.redhat.com/errata/RHSA-2024:6493 • CWE-384: Session Fixation •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2024-4629 – Keycloak: potential bypass of brute force protection
https://notcve.org/view.php?id=CVE-2024-4629
03 Sep 2024 — A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems. New images are available for Red Hat build of Keycloak 22.0.12 and ... • https://access.redhat.com/security/cve/CVE-2024-4629 • CWE-837: Improper Enforcement of a Single, Unique Action •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-5967 – Keycloak: leak of configured ldap bind credentials through the keycloak admin console
https://notcve.org/view.php?id=CVE-2024-5967
18 Jun 2024 — A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who h... • https://access.redhat.com/security/cve/CVE-2024-5967 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-4540 – Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie
https://notcve.org/view.php?id=CVE-2024-4540
03 Jun 2024 — A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability. Se encontró una falla en Keycloak en las solicitudes de autorización push (PAR) de OAuth 2.0. Se descubrió que los parámetros proporcionados por el cliente estaban incluidos en texto pl... • https://access.redhat.com/errata/RHSA-2024:3566 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.5EPSS: 1%CPEs: 4EXPL: 0CVE-2023-6544 – Keycloak: authorization bypass
https://notcve.org/view.php?id=CVE-2023-6544
25 Apr 2024 — A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized. Se encontró una falla en el paquete Keycloak. Este problema se produce debido a una expresión regular permisiva codificada para el filtrado q... • https://access.redhat.com/errata/RHSA-2024:1860 • CWE-625: Permissive Regular Expression •