4 matches found
CVE-2020-1694
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...
CVE-2020-1694
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...
CVE-2020-1694
Summary: CVE-2020-1694 affects Keycloak before 10.0.0 where the NodeJS adapter did not support verify-token-audience, enabling some users to access sensitive information outside their permissions. What’s affected: Keycloak (and Red Hat SSO built on Keycloak) with the NodeJS adapter lacking verify...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.1 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...