Vulnerabilities > Redhat > Keycloak > 2.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-27 | CVE-2017-2646 | Infinite Loop vulnerability in Redhat Keycloak It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop. | 7.5 |
| 2018-07-23 | CVE-2018-10912 | Infinite Loop vulnerability in Redhat Keycloak keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement. | 4.9 |