Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•9 views

keycloak: org.keycloak/keycloak-services: Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side processAction fails to validate that the newly created credential's parameters, such as public key...

4.3CVSS5.4AI score0.00392EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•9 views

keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.4AI score0.00305EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•10 views

keycloak: Keycloak: Information disclosure due to user profile permission bypass

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5.3AI score0.00348EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•7 views

org.keycloak.keycloak-services: Improper Access Control on Keycloak Server when the account Account API feature is disabled

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

5.4CVSS5.5AI score0.00232EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•10 views

org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: Keycloak: Server-Side Request Forgery via OIDC token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.4AI score0.00295EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•15 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.6.3 Update

New Red Hat build of Keycloak 26.6.3 packages are available from the Customer Portal Red Hat build of Keycloak 26.6.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security fixes...

8.8CVSS5.5AI score0.00476EPSS
Exploits0References1
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•10 views

keycloak: org.keycloak.protocol.oidc.grants.ciba: Keycloak: Information disclosure via CORS header injection due to unvalidated JWT azp claim

A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing CORS header injection vulnerability in Keycloak's User-Managed Access UMA token endpoint. This flaw occurs because the azp claim from a client-supplied JSON Web Token JWT is used to set the...

5.3CVSS5.5AI score0.00253EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•10 views

keycloak: Keycloak: Denial of Service via malformed LDAP password policy response

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

4.9CVSS5.5AI score0.00476EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•8 views

keycloak: Cross-Session Email Verification Proof Not Bound to Upstream Identity in First-Broker-Login

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

8.1CVSS5.4AI score0.00312EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•6 views

keycloak: Keycloak: Denial of Service via malformed Authorization header

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS5.5AI score0.00417EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•9 views

keycloak: Keycloak: Information disclosure via SAML ECP endpoint

A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP Security Assertion Markup Language Enhanced Client or Proxy endpoint with varying client IDs. By observing distinct faultstrings in the...

5.3CVSS5.4AI score0.00331EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•8 views

keycloak: Keycloak: Security restriction bypass allows unauthorized ROPC token acquisition

A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers client-type, client-roles, client-attributes, client-scopes are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed...

6.5CVSS5.5AI score0.00267EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•8 views

keycloak-rhel9: Organization Data Leak After Feature Disabled in Keycloak

A flaw was found in Keycloak. An authenticated user with existing organization membership can exploit this flaw by accessing user-facing APIs, such as the account API or by requesting an OpenID Connect OIDC token with the 'organization' scope. This allows organization metadata to be disclosed in...

4.3CVSS5.3AI score0.00214EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•7 views

keycloak: Keycloak: Privilege escalation due to oversized subject_token JWT

A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subjecttoken JSON Web Token JWT to the TokenEndpoint. When the token exceeds a 4000-character limit, it is silently dropped, causing the system to fall back to client...

8.8CVSS5.4AI score0.0032EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:38 p.m.•6 views

org.keycloak/keycloak-services: keycloak: org.keycloak.protocol.oidc: Security flaw in org.keycloak/keycloak-services

A flaw was found in Keycloak. When both realm-level and client-level notBefore revocation policies are configured, Keycloak's OpenID Connect OIDC Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain active, potentially...

5.4CVSS5.4AI score0.00281EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/10 5:35 p.m.•8 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.6.3 Images Update

New images are available for Red Hat build of Keycloak 26.6.3 and Red Hat build of Keycloak 26.6.3 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat...

8.8CVSS5.4AI score0.00476EPSS
Exploits0References1
RedHat Linux
RedHat Linux
•added 2026/06/10 5:29 p.m.•15 views

Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (cuda)

Red Hat AI Inference Server Model Optimization Tools 3.2.2 cuda is now available. Red Hat® AI Inference Server Model Optimization Tools...

9.8CVSS7AI score0.02187EPSS
Exploits6References32
RedHat Linux
RedHat Linux
•added 2026/06/10 5:17 p.m.•5 views

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

7.5CVSS5.6AI score0.00504EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/10 5:17 p.m.•10 views

Important: Red Hat Security Advisory: libsndfile security update

An update for libsndfile is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS5.5AI score0.00504EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/06/10 4:54 p.m.•16 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References6
RedHat Linux
RedHat Linux
•added 2026/06/10 4:54 p.m.•10 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References2
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•8 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7AI score0.00292EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•9 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service DoS for...

7.5CVSS7.2AI score0.00349EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•6 views

fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies

A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator URL containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization...

7.5CVSS7.6AI score0.00521EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•7 views

org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing

A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access...

9.1CVSS5.4AI score0.01127EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•10 views

org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests

A flaw was found in org.eclipse.jetty. A remote attacker can exploit this vulnerability by sending a compressed HTTP request with Content-Encoding: gzip when the server's response is not compressed. This prevents the release of the JDK Inflater, leading to a resource leak. This resource exhaustio...

7.5CVSS5.5AI score0.00625EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•7 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.3AI score0.01535EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•10 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS7.1AI score0.00615EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•7 views

Spring Boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path

A flaw was found in Spring Boot. This vulnerability, an authentication bypass, occurs when an application endpoint requiring authentication is declared under a specific path already configured for a Health Group additional path. A remote attacker could exploit this to bypass authentication,...

8.2CVSS7.4AI score0.00334EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•8 views

org.eclipse.jetty.ee10/jetty-ee10: early return from the JASPIAuthenticator class without clearing ThreadLocal variables

A flaw was found in Eclipse Jetty. The JASPIAuthenticator class is responsible for handling authentication checks. During these checks, the class sets two ThreadLocal variables to store authentication state. Under certain conditions, the authentication process can return early without properly...

7.4CVSS5.5AI score0.00529EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•6 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

6.9CVSS6.3AI score0.00343EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•12 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•8 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS6.8AI score0.01945EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•8 views

axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget

A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could le...

9.1CVSS5.5AI score0.00586EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•6 views

axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the Object.prototype.validateStatus property. By polluting this property, all HTTP error responses such as 401, 403, or 500 are silently treated as...

8.2CVSS7.5AI score0.00611EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•7 views

axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data

A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the toFormData function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js...

7.5CVSS7.6AI score0.00744EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•6 views

axios: Axios: Arbitrary HTTP header injection via prototype pollution

A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to...

7.4CVSS7.7AI score0.00394EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•6 views

axios: Axios: HTTP Transport Hijacking via Prototype Pollution

A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HT...

7.4CVSS7.5AI score0.00838EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•8 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.5AI score0.00432EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•6 views

axios: Axios: NO_PROXY bypass via crafted URL

A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses within the 127.0.0.0/8 range, excluding 127.0.0.1, the attacker can completely bypass the...

10CVSS7.5AI score0.00661EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•10 views

Spring Boot: Spring Boot: Weak pseudo-random number generation can lead to information disclosure.

A flaw was found in Spring Boot. The $random.value property source utilizes a weak pseudo-random number generator PRNG, meaning the values it produces are not sufficiently random for use as cryptographic secrets. An attacker could potentially predict these values, which may lead to information...

8.2CVSS5.4AI score0.00312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•5 views

Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory

A flaw was found in Spring Boot. A local attacker on the same host as the application may be able to take control of the ApplicationTemp directory due to predictable temporary directory handling. When the server.servlet.session.persistent setting is enabled and the attack persists across...

7CVSS5.8AI score0.00136EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•7 views

Spring Boot: Spring Boot: Remote code execution via timing attack in DevTools remote secret comparison

A flaw was found in Spring Boot. An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about a remote secret. In extreme circumstances, this could allow the attacker to determine the secret and upload changed classes, leading to...

7.5CVSS6.2AI score0.00262EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•16 views

Important: Red Hat Security Advisory: HawtIO 4.4.0 for Red Hat build of Apache Camel 4 Release and security update.

HawtIO 4.4.0 for Red Hat build of Apache Camel 4 GA Release is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update ...

10CVSS7.3AI score0.01945EPSS
Exploits10References1
RedHat Linux
RedHat Linux
•added 2026/06/10 3:39 p.m.•6 views

crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application

A flaw was found in the crypto/x509 package within Go golang. When verifying a certificate chain, excluded DNS Domain Name System constraints are not correctly applied to wildcard DNS Subject Alternative Names SANs if the case of the SAN differs from the constraint. This oversight could allow an...

8.8CVSS7.1AI score0.0034EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/10 3:15 p.m.•7 views

Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

7.5CVSS8AI score0.01545EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/10 3:15 p.m.•7 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

7.5CVSS7.9AI score0.01545EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/10 1:13 p.m.•6 views

flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. A malicious application could exploit this by using specially crafted symlinks within the sandbox-expose options of the Flatpak portal. This allows the application to access arbitrary host files and potentiall...

10CVSS8AI score0.0168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 1:13 p.m.•9 views

flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so dynamic linker/loader improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated...

8.7CVSS5.6AI score0.00323EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 1:13 p.m.•9 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.9AI score0.0168EPSS
Exploits0References3
Total number of security vulnerabilities114833