Vulnerabilities > Redhat > Openshift Container Platform FOR Power > Medium

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2024-09-19 | CVE-2024-8883 | Open Redirect vulnerability in Redhat products | A misconfiguration flaw was found in Keycloak. | network | low | redhat | CWE-601 | 6.1 |
| 2024-09-03 | CVE-2024-4629 | Improper Enforcement of a Single, Unique Action vulnerability in Redhat products | A vulnerability was found in Keycloak. | network | low | redhat | CWE-837 | 6.5 |
| 2023-12-14 | CVE-2023-6134 | Cross-site Scripting vulnerability in Redhat products | A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. | network | low | redhat | CWE-79 | 5.4 |
| 2023-09-20 | CVE-2022-3916 | Insufficient Session Expiration vulnerability in Redhat products | A flaw was found in the offline_access scope in Keycloak. | network | high | redhat | CWE-613 | 6.8 |
| 2023-07-07 | CVE-2022-4361 | Cross-site Scripting vulnerability in Redhat products | Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. | network | low | redhat | CWE-79 | 6.1 |