Vulnerabilities > Redhat > Keycloak > 12.0.2

DATE CVE VULNERABILITY TITLE RISK
2021-05-12 CVE-2021-20202 Unspecified vulnerability in Redhat Keycloak
A flaw was found in keycloak.
local
low complexity
redhat
7.3
2021-03-23 CVE-2021-20222 Cross-site Scripting vulnerability in Redhat Keycloak
A flaw was found in keycloak.
network
high complexity
redhat CWE-79
7.5
2021-03-08 CVE-2020-27838 Unspecified vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in keycloak in versions prior to 13.0.0.
network
low complexity
redhat
6.5
2021-01-28 CVE-2020-1725 Incorrect Authorization vulnerability in Redhat Keycloak
A flaw was found in keycloak before version 13.0.0.
network
low complexity
redhat CWE-863
5.4
2020-12-15 CVE-2020-14302 Authentication Bypass by Capture-replay vulnerability in Redhat Keycloak
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter.
network
low complexity
redhat CWE-294
4.9