Vulnerabilities > Redhat > Keycloak > 3.4.3

DATE CVE VULNERABILITY TITLE RISK
2018-11-13 CVE-2018-14655 Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final.
network
low complexity
redhat CWE-79
5.4
2018-08-01 CVE-2018-10894 Improper Certificate Validation vulnerability in Redhat Keycloak and Single Sign-On
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates.
network
low complexity
redhat CWE-295
5.4
2018-07-23 CVE-2018-10912 Infinite Loop vulnerability in Redhat Keycloak
keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement.
network
low complexity
redhat CWE-835
4.9