Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2026/06/25 5:40 p.m.7 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.4.13 Images Security Update

New images are available for Red Hat build of Keycloak 26.4.13 and Red Hat build of Keycloak 26.4.13 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...

8.8CVSS5.9AI score0.00519EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/10 5:38 p.m.10 views

keycloak: org.keycloak.protocol.oidc.grants.ciba: Keycloak: Information disclosure via CORS header injection due to unvalidated JWT azp claim

A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing CORS header injection vulnerability in Keycloak's User-Managed Access UMA token endpoint. This flaw occurs because the azp claim from a client-supplied JSON Web Token JWT is used to set the...

5.3CVSS5.5AI score0.00253EPSS
Exploits0References4
OSV
OSV
added 2026/03/20 9:5 a.m.3 views

BIT-CEPH-2020-10753

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the...

6.5CVSS6.8AI score0.01627EPSS
Exploits0References8
OSV
OSV
added 2025/08/20 5:36 a.m.12 views

USN-7706-1 ceph vulnerabilities

It was discovered that Ceph incorrectly handled read-only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 14.04 LTS. CVE-2018-14662 Sergey Bobrov discovered that Ceph’s RadosGW Ceph Object Gateway allowed the injectio...

6.5CVSS7.3AI score0.01612EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.2 views

SUSE CVE-2020-10753

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the...

5.4CVSS7AI score0.01627EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2022/05/05 7:56 a.m.5 views

gateway: radosgw: CRLF injection

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when makin...

6.5CVSS5.7AI score0.01612EPSS
Exploits0References4
Rows per page
Query Builder