EPSS Percentile: 36.4%
keycloak-saml-core is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to mishandling of a Logout request that has an Extensions element in the middle of the request.
www.securityfocus.com/bid/96882
bugzilla.redhat.com/show_bug.cgi?id=1431230
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2646
github.com/keycloak/keycloak/commit/42954e84d99417b8dd5b97181398e2a4cd68bf5d
github.com/keycloak/keycloak/pull/3931
issues.jboss.org/browse/KEYCLOAK-4552