Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatBuild Of Keycloak

3 matches found

CVE
CVEadded 2024/09/09 7:15 p.m.289 views

CVE-2024-7341

A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authentication...

7.1CVSS6.9AI score0.01149EPSS
CVE
CVEadded 2024/08/21 2:15 p.m.192 views

CVE-2024-7885

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the sa...

7.5CVSS7.4AI score0.28035EPSS
CVE
CVEadded 2024/10/22 2:15 p.m.137 views

CVE-2024-10234

A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.

7.3CVSS6.3AI score0.00415EPSS