Moderate severityNVD Advisory· Published May 11, 2020· Updated Aug 4, 2024
CVE-2020-1698
CVE-2020-1698
Description
A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.keycloak:keycloak-coreMaven | < 9.0.0 | 9.0.0 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-qgmm-f2qw-r95fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-1698ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_CONFIRMWEB
- github.com/keycloak/keycloak/commit/62c9e1577618470832ede22dcedd46cba15b1836ghsaWEB
- github.com/keycloak/keycloak/pull/6751ghsaWEB
News mentions
0No linked articles in our index yet.