CVE-2022-23017

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when a virtual server is configured with a DNS profile with the Rapid Response Mode setting enabled and is configured on a BIG-IP system, undisclosed requests can cause the Traffic...

EUVD-2023-26950

Malicious code in bioql PyPI...

EUVD-2024-0318

Malicious code in bioql PyPI...

EUVD-2022-28128

Malicious code in bioql PyPI...

CVE-2021-47576 scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...

keycloak-core: open redirect via "form_post.jwt" JARM response mode

An incomplete fix was found in Keycloak Core patch. An attacker can steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt". It is observed that changing the responsemode parameter in the original proof of concept from "formpost" to "formpost.jwt...

CVE-2024-21637 XSS in Authentik via JavaScript-URI as Redirect URI and form_post Response Mode

Authentik is an open-source Identity Provider. Authentik is a vulnerable to a reflected Cross-Site Scripting vulnerability via JavaScript-URIs in OpenID Connect flows with responsemode=formpost. This relatively user could use the described attacks to perform a privilege escalation. This...

keycloak: open redirect via "form_post.jwt" JARM response mode

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

RHEL 8 : Red Hat Single Sign-On 7.6.6 security update on RHEL 8 (Moderate) (RHSA-2024:0095)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0095 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

RHEL 9 : Red Hat Single Sign-On 7.6.6 security update on RHEL 9 (Moderate) (RHSA-2024:0096)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0096 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

Duplicate Advisory: Keycloak Open Redirect vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9vm7-v8wj-3fqw. This link is maintained to preserve external references. Original Description A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients...

CVE-2023-6927

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

CVE-2023-6927

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

CVE-2023-6927 Keycloak: open redirect via "form_post.jwt" jarm response mode

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

CVE-2023-6927

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134. Mitigation Mitigation for this issue ...

Red Hat Keycloak Input Validation Error Vulnerability

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. Red Hat Keycloak suffers from an input validation error vulnerability that stems from a vulnerability that could allow an attacker to steal...

F5 Networks BIG-IP : BIG-IP DNS profile vulnerability (K37708118)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K37708118 advisory. - On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before...

K28042514: BIG-IP TMM and DNS profile vulnerability CVE-2022-23017

Security Advisory Description When a virtual server is configured with a DNS profile with the Rapid Response Mode setting enabled and is configured on a BIG-IP system, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23017 Impact System performance can...

CVE-2023-22839

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests...

CVE-2023-22839

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests...