Vulnerabilities > Redhat > Single Sign ON

DATE CVE VULNERABILITY TITLE RISK
2022-08-26 CVE-2022-0225 Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak.
network
low complexity
redhat CWE-79
5.4
2022-08-26 CVE-2021-3632 Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak.
network
high complexity
redhat CWE-287
7.5
2022-08-26 CVE-2021-3754 Unspecified vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user.
network
low complexity
redhat
5.3
2022-08-26 CVE-2021-3859 A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2.
network
low complexity
redhat netapp
7.5
2022-08-23 CVE-2021-3690 Memory Leak vulnerability in Redhat products
A flaw was found in Undertow.
network
low complexity
redhat CWE-401
7.5
2022-08-23 CVE-2021-3827 Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed.
network
high complexity
redhat CWE-287
6.8
2022-08-05 CVE-2022-2668 Unspecified vulnerability in Redhat Keycloak and Single Sign-On
An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled
network
low complexity
redhat
7.2
2022-05-24 CVE-2021-3597 Race Condition vulnerability in multiple products
A flaw was found in undertow.
network
high complexity
redhat netapp CWE-362
5.9
2022-05-24 CVE-2021-3629 Resource Exhaustion vulnerability in multiple products
A flaw was found in Undertow.
network
high complexity
redhat netapp CWE-400
5.9
2022-05-24 CVE-2021-3717 Files or Directories Accessible to External Parties vulnerability in Redhat products
A flaw was found in Wildfly.
local
low complexity
redhat CWE-552
7.8