Lucene search
+L

3 matches found

CVE
CVE
added 2023/09/20 1:34 p.m.2897 views

CVE-2022-1438

CVE-2022-1438 is an XSS vulnerability in Keycloak where HTML entities are not sanitized during user impersonation. Red Hat advisories (RHSA-2023:1043/1044/1045) fix this issue in Red Hat Single Sign-On 7.6.2 on RHEL 7/8/9. The NVD CVSS data indicates a MEDIUM to HIGH impact depending on the vecto...

6.4CVSS5.5AI score0.0066EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.43 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8

New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.8AI score0.99615EPSS
Exploits43References32
vulnersOsv
vulnersOsv
added 2023/03/01 4:18 p.m.5 views

com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.4.10 <=1.4.11) +55 more potentially affected by CVE-2022-1438 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=21.0.0)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.3.2, =0.6, =0.2, =0.7 and more Source cves: CVE-2022-1438 Source advisory: OSV:GHSA-W354-2F3C-QVG9...

6.4CVSS6.1AI score0.0066EPSS
Exploits0
Rows per page
Query Builder