4 matches found
CVE-2017-2646
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks...
CVE-2017-2646
Keycloak prior to 2.5.5 is affected by CVE-2017-2646. The vulnerability occurs when a Logout request contains an Extensions field in the middle of the request, causing SAMLSloRequestParser.parse() to enter an infinite loop and potentially enable denial-of-service. Affected component: keycloak-sam...
CVE-2017-2646
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks...
CVE-2017-2646
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks...