Vulnerabilities > Redhat > Single Sign ON

DATE CVE VULNERABILITY TITLE RISK
2023-05-26 CVE-2023-1664 Improper Certificate Validation vulnerability in Redhat products
A flaw was found in Keycloak.
network
low complexity
redhat CWE-295
6.5
2023-03-29 CVE-2022-1274 Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak in the execute-actions-email endpoint.
network
low complexity
redhat CWE-79
5.4
2023-03-27 CVE-2022-2237 Open Redirect vulnerability in Redhat Keycloak Node.Js Adapter and Single Sign-On
A flaw was found in the Keycloak Node.js Adapter.
network
low complexity
redhat CWE-601
6.1
2023-02-23 CVE-2022-4492 Unspecified vulnerability in Redhat products
The undertow client is not checking the server identity presented by the server certificate in https connections.
network
low complexity
redhat
7.5
2022-09-13 CVE-2022-1278 Insecure Default Initialization of Resource vulnerability in Redhat products
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
network
low complexity
redhat CWE-1188
7.5
2022-09-01 CVE-2022-2256 Cross-site Scripting vulnerability in Redhat Single Sign-On 7.0
A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7.
network
low complexity
redhat CWE-79
3.8
2022-09-01 CVE-2022-2764 A flaw was found in Undertow.
network
low complexity
redhat netapp
4.9
2022-08-31 CVE-2022-1259 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-08-31 CVE-2022-1319 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-08-26 CVE-2022-0084 Allocation of Resources Without Limits or Throttling vulnerability in Redhat products
A flaw was found in XNIO, specifically in the notifyReadClosed method.
network
low complexity
redhat CWE-770
7.5