Vulnerabilities > Redhat > Single Sign ON > 7.4.1

DATE CVE VULNERABILITY TITLE RISK
2023-12-14 CVE-2023-6134 Cross-site Scripting vulnerability in Redhat products
A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token.
network
low complexity
redhat CWE-79
5.4
5.4
2023-08-04 CVE-2023-0264 Improper Authentication vulnerability in Redhat products
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests.
network
high complexity
redhat CWE-287
5.0
5.0
2022-08-26 CVE-2021-3632 Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak.
network
high complexity
redhat CWE-287
7.5
7.5
2021-05-26 CVE-2020-10695 Unspecified vulnerability in Redhat Single Sign-On
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container.
local
low complexity
redhat
7.8
7.8