CVSS: 5.5EPSS: 1%CPEs: 15EXPL: 1CVE-2023-6134 – Keycloak: reflected xss via wildcard in oidc redirect_uri
https://notcve.org/view.php?id=CVE-2023-6134
14 Dec 2023 — A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748. Se encontró una falla en Keycloak que impide ciertos esquemas en las redirecciones, pero los permite si se agrega un comodín al token. Este problema podría permitir que un atacante envíe... • https://access.redhat.com/errata/RHSA-2023:7854 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 3%CPEs: 14EXPL: 1CVE-2023-0264 – keycloak: user impersonation via stolen uuid code
https://notcve.org/view.php?id=CVE-2023-0264
02 Mar 2023 — A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. Se ha encontrado un fallo en la autenticación de usuarios en OpenID Connect de Keycloak, que podría autenticar incorrectamente las solicitudes. Un atacante... • https://github.com/twwd/CVE-2023-0264 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-1466 – keycloak: Improper authorization for master realm
https://notcve.org/view.php?id=CVE-2022-1466
26 Apr 2022 — Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted. Debido a una autorización inapropiada, Red Hat Single Sign-On es vulnerable a que usuarios lleven a cabo acciones que no deberían estar autorizados a realizar. Era posible añadir usuarios al reino maestro aunque no sea concedido el permiso correspondiente A flaw was found ... • https://bugzilla.redhat.com/show_bug.cgi?id=2050228 • CWE-863: Incorrect Authorization CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-3859 – undertow: client side invocation timeout raised when calling over HTTP2
https://notcve.org/view.php?id=CVE-2021-3859
03 Feb 2022 — A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks. Se ha encontrado un fallo en Undertow que dispara el tiempo de espera de la invocación del lado del cliente con determinadas llamadas realizadas a través de HTTP2. Este fallo permite a un atacante realizar ataques de denegación de servicio. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Mi... • https://access.redhat.com/security/cve/CVE-2021-3859 • CWE-214: Invocation of Process Using Visible Sensitive Information CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-3827 – keycloak-server-spi-private: ECP SAML binding bypasses authentication flows
https://notcve.org/view.php?id=CVE-2021-3827
18 Jan 2022 — A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity. Se ha encontrado un fallo en keycloak, en el que el flujo de vinculación ECP por defecto permite omitir otros flujos de autenticación. Al exp... • https://access.redhat.com/security/cve/CVE-2021-3827 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 1%CPEs: 429EXPL: 0CVE-2019-10219 – hibernate-validator: safeHTML validator allows XSS
https://notcve.org/view.php?id=CVE-2019-10219
08 Nov 2019 — A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotación del validador SafeHtml no puede sanear apropiadamente las cargas útiles que consisten en código potencialmente malicioso en los comentarios e instrucciones HTML. • https://access.redhat.com/errata/RHSA-2020:0159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •