VYPR

Single Sign On

by Red Hat

CVEs (33)

  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2026-28369HigMar 27, 2026
    risk 0.50cvss 8.7epss 0.01

    A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote…

  • CVE-2026-28368HigMar 27, 2026
    risk 0.50cvss 8.7epss 0.01

    A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request…

  • CVE-2026-28367HigMar 27, 2026
    risk 0.50cvss 8.7epss 0.01

    A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic…

  • CVE-2017-12159HigOct 26, 2017
    risk 0.49cvss 7.5epss 0.02

    It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.

  • CVE-2025-12789MedNov 7, 2025
    risk 0.40cvss 6.1epss 0.00

    A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri parameter associated with the openid-connect logout protocol does not properly validate the provided URL.

  • CVE-2023-48795MedDec 18, 2023
    risk 0.39cvss 5.9epss 0.93

    The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently…

  • CVE-2026-3260MedMar 24, 2026
    risk 0.38cvss 5.9epss 0.00

    A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and…

  • CVE-2026-4366MedMar 18, 2026
    risk 0.38cvss 5.8epss 0.00

    A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or…

  • CVE-2026-3121MedMar 26, 2026
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other…

  • CVE-2017-12158MedOct 26, 2017
    risk 0.35cvss 5.4epss 0.01

    It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server.

  • CVE-2026-4874LowMar 26, 2026
    risk 0.20cvss 3.1epss 0.00

    A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh token requests. This occurs when a Keycloak client is configured to use the `backchannel.logout.url` with the…

  • CVE-2026-3009Mar 5, 2026
    risk 0.00cvss epss 0.00

    A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity Provider (IdP) even after it has been disabled by an administrator. An attacker who knows the IdP alias can reuse a previously generated login…

  • CVE-2026-0871Feb 27, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles,…

  • CVE-2023-1932Nov 7, 2024
    risk 0.00cvss epss 0.00

    A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML…

  • CVE-2023-6291Jan 26, 2024
    risk 0.00cvss epss 0.01

    A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.

  • CVE-2023-2585Dec 21, 2023
    risk 0.00cvss epss 0.01

    Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible…

  • CVE-2023-6927Dec 18, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134.

  • CVE-2023-5236Dec 18, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial…

  • CVE-2023-6134Dec 14, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the…

Page 1 of 2