Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak

🗓️ 09 Feb 2022 00:26:56Reported by GitHub Advisory DatabaseType

Improper TLS hostname verification in Keycloa

Reporter	Title	Published	Views	Family All 18
OSV	CVE-2020-1758	15 May 202019:15	–	osv
OSV	Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak	9 Feb 202200:56	–	osv
OSV	RHSA-2020:2107 Red Hat Security Advisory: Red Hat Single Sign-On 7.3.8 security update on RHEL 7	13 Sep 202418:09	–	osv
OSV	RHSA-2020:2108 Red Hat Security Advisory: Red Hat Single Sign-On 7.3.8 security update on RHEL 8	13 Sep 202418:09	–	osv
OSV	RHSA-2020:2106 Red Hat Security Advisory: Red Hat Single Sign-On 7.3.8 security update on RHEL 6	13 Sep 202418:09	–	osv
RedhatCVE	CVE-2020-1758	12 May 202015:10	–	redhatcve
Prion	Design/Logic Flaw	15 May 202019:15	–	prion
Veracode	Information Disclosure	13 May 202003:24	–	veracode
CVE	CVE-2020-1758	15 May 202019:15	–	cve
Cvelist	CVE-2020-1758	15 May 202018:52	–	cvelist

Vulners

Node

org.keycloak keycloak\-parentRange<10.0.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-1758
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
issues	www.issues.redhat.com/browse/KEYCLOAK-13285
github	www.github.com/advisories/GHSA-c597-f74m-jgc2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Feb 2022 00:56Current

6.7Medium risk

Vulners AI Score6.7

CVSS24.3

CVSS35.3 - 5.9

EPSS0.00128