Vulnerabilities > Redhat > Keycloak > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-01-13 CVE-2022-3782 Path Traversal vulnerability in Redhat Keycloak 20.0.2
keycloak: path traversal via double URL encoding.
network
low complexity
redhat CWE-22
critical
 9.1
9.1
2022-07-08 CVE-2022-1245 Authorization Bypass Through User-Controlled Key vulnerability in Redhat Keycloak
A privilege escalation flaw was found in the token exchange feature of keycloak.
network
low complexity
redhat CWE-639
critical
 9.8
9.8