Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2026/04/02 3:31 p.m.18 views

Keycloak: Redirect URI validation bypass via ..;/ path traversal in OIDC auth endpoint

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers URIs that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information...

7.3CVSS5.8AI score0.0044EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2022/08/26 4:15 p.m.6 views

CVE-2021-3688

A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolons. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest...

4.8CVSS5.8AI score0.00472EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/26 12:0 a.m.7 views

PT-2022-10589 · Red Hat · Red Hat Jboss Core Services Http Server

Name of the Vulnerable Software and Affected Versions: Red Hat JBoss Core Services HTTP Server affected versions not specified Description: A flaw was found in Red Hat JBoss Core Services HTTP Server where it does not properly normalize the path component of a request URL containing...

4.8CVSS4.9AI score0.00472EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/08/26 12:0 a.m.8 views

Red Hat JBoss Core Services 信息泄露漏洞

Red Hat JBoss Core Services is software that complements the suite of Red Hat JBoss middleware products from Red Hat, Inc. An information disclosure vulnerability exists in all versions of Red Hat JBoss Core Services HTTP Server that stems from its failure to properly specify the path component o...

4.8CVSS6.2AI score0.00472EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/10 5:20 p.m.5 views

JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure

A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolons. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest...

4.8CVSS5.8AI score0.00472EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/10 5:14 p.m.5 views

JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure

A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolons. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest...

4.8CVSS5.8AI score0.00472EPSS
Exploits0References4
Rows per page
Query Builder