12 results (0.007 seconds)

CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0

CVE-2023-6291 – Keycloak: redirect_uri validation bypass

https://notcve.org/view.php?id=CVE-2023-6291

A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users. Se encontró un fallo en la lógica de validación de redirect_uri en Keycloak. Este problema puede permitir la omisión de hosts permitidos explícitamente. • https://access.redhat.com/errata/RHSA-2023:7854 https://access.redhat.com/errata/RHSA-2023:7855 https://access.redhat.com/errata/RHSA-2023:7856 https://access.redhat.com/errata/RHSA-2023:7857 https://access.redhat.com/errata/RHSA-2023:7858 https://access.redhat.com/errata/RHSA-2023:7860 https://access.redhat.com/errata/RHSA-2023:7861 https://access.redhat.com/errata/RHSA-2024:0798 https://access.redhat.com/errata/RHSA-2024:0799 https://access.redhat.com/errata/RHSA • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 1

CVE-2023-6134 – Keycloak: reflected xss via wildcard in oidc redirect_uri

https://notcve.org/view.php?id=CVE-2023-6134

A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748. Se encontró una falla en Keycloak que impide ciertos esquemas en las redirecciones, pero los permite si se agrega un comodín al token. Este problema podría permitir que un atacante envíe una solicitud especialmente manipulada que dé lugar a cross-site scripting (XSS) o más ataques. • https://access.redhat.com/errata/RHSA-2023:7854 https://access.redhat.com/errata/RHSA-2023:7855 https://access.redhat.com/errata/RHSA-2023:7856 https://access.redhat.com/errata/RHSA-2023:7857 https://access.redhat.com/errata/RHSA-2023:7858 https://access.redhat.com/errata/RHSA-2023:7860 https://access.redhat.com/errata/RHSA-2023:7861 https://access.redhat.com/errata/RHSA-2024:0798 https://access.redhat.com/errata/RHSA-2024:0799 https://access.redhat.com/errata/RHSA • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.7EPSS: 0%CPEs: 15EXPL: 1

CVE-2023-6563 – Keycloak: offline session token dos

https://notcve.org/view.php?id=CVE-2023-6563

An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the "consents" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system. Se descubrió una vulnerabilidad de consumo de memoria sin restricciones en Keycloak. Se puede activar en entornos que tienen millones de tokens fuera de línea (> 500.000 usuarios, cada uno con al menos 2 sesiones guardadas). • https://access.redhat.com/errata/RHSA-2023:7854 https://access.redhat.com/errata/RHSA-2023:7855 https://access.redhat.com/errata/RHSA-2023:7856 https://access.redhat.com/errata/RHSA-2023:7857 https://access.redhat.com/errata/RHSA-2023:7858 https://access.redhat.com/security/cve/CVE-2023-6563 https://bugzilla.redhat.com/show_bug.cgi?id=2253308 https://github.com/keycloak/keycloak/issues/13340 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-4137 – Keycloak: reflected xss attack

https://notcve.org/view.php?id=CVE-2022-4137

A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker. Se encontró una vulnerabilidad reflejada de scross-site scripting (XSS) en el endpoint de OAuth 'oob' debido a un manejo incorrecto de bytes nulos. • https://access.redhat.com/errata/RHSA-2023:1043 https://access.redhat.com/errata/RHSA-2023:1044 https://access.redhat.com/errata/RHSA-2023:1045 https://access.redhat.com/errata/RHSA-2023:1049 https://access.redhat.com/security/cve/CVE-2022-4137 https://bugzilla.redhat.com/show_bug.cgi?id=2148496 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-81: Improper Neutralization of Script in an Error Message Web Page •

CVSS: 7.5EPSS: 2%CPEs: 18EXPL: 0

CVE-2023-3223 – Undertow: outofmemoryerror due to @multipartconfig handling

https://notcve.org/view.php?id=CVE-2023-3223

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. Se encontró una falla en el undertow. • https://access.redhat.com/errata/RHSA-2023:4505 https://access.redhat.com/errata/RHSA-2023:4506 https://access.redhat.com/errata/RHSA-2023:4507 https://access.redhat.com/errata/RHSA-2023:4509 https://access.redhat.com/errata/RHSA-2023:4918 https://access.redhat.com/errata/RHSA-2023:4919 https://access.redhat.com/errata/RHSA-2023:4920 https://access.redhat.com/errata/RHSA-2023:4921 https://access.redhat.com/errata/RHSA-2023:4924 https://access.redhat.com/errata/RHSA • CWE-789: Memory Allocation with Excessive Size Value •