Red Hat build of Keycloak 22
This hub aggregates every CVE we track for Red Hat build of Keycloak 22, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 18
- Critical: 0
- High: 7
- In CISA KEV: 0
Severity distribution
MEDIUM 9, HIGH 7, LOW 2
Monthly trend
[Chart: monthly CVE counts, 2024-07 to 2026-06. Values as listed: 0, 0, 4, 0, 1, then 0 for each remaining month.]
Latest CVEs
The 15 most recently published vulnerabilities affecting Red Hat build of Keycloak 22.
- CVE-2023-0657 | Keycloak: impersonation via logout token exchange | 3.4
- CVE-2024-8883 | Keycloak: vulnerable redirect uri validation results in open redirec | 6.1
- CVE-2024-8698 | Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak | 7.7
- CVE-2024-7341 | Wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters | 7.1
- CVE-2024-4629 | Keycloak: potential bypass of brute force protection | 6.5
- CVE-2024-5967 | Keycloak: leak of configured ldap bind credentials through the keycloak admin console | 2.7
- CVE-2024-4540 | Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie | 7.5
- CVE-2023-6787 | Keycloak: session hijacking via re-authentication | 6.5
- CVE-2023-6717 | Keycloak: xss via assertion consumer service url in saml post-binding flow | 6.0
- CVE-2023-6544 | Keycloak: authorization bypass | 5.4
- CVE-2023-6484 | Keycloak: log injection during webauthn authentication or registration | 5.3
- CVE-2023-3597 | Keycloak: secondary factor bypass in step-up authentication | 5.0
- CVE-2024-2419 | Keycloak: path traversal in the redirect validation | 7.1
- CVE-2024-1249 | Keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkloginiframe leads to ddos | 7.4
- CVE-2024-1132 | Keycloak: path transversal in redirection validation | 8.1
Product normalization is registry-driven with AI assist and human review.