Lucene search
+L

7 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-7575

Malicious code in bioql PyPI...

6.8CVSS6.2AI score0.00952EPSS
Exploits0References15
cvelist
cvelist
added 2023/09/20 2:28 p.m.59 views

CVE-2022-3916 Keycloak: session takeover with oidc offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

6.8CVSS7AI score0.00952EPSS
Exploits0References12
redhat
redhat
added 2023/03/01 9:58 p.m.13 views

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

6.8CVSS6.3AI score0.00952EPSS
Exploits0References4
redhat
redhat
added 2023/03/01 9:45 p.m.5 views

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

6.8CVSS6.3AI score0.00952EPSS
Exploits0References4
redhat
redhat
added 2022/12/13 2:4 p.m.6 views

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

6.8CVSS6.3AI score0.00952EPSS
Exploits0References4
redhat
redhat
added 2022/12/13 2:3 p.m.36 views

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

6.8CVSS6.3AI score0.00952EPSS
Exploits0References4
redhatcve
redhatcve
added 2022/11/09 6:25 p.m.42 views

CVE-2022-3916

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

6.8CVSS3.4AI score0.00952EPSS
Exploits0References3
Rows per page
Query Builder