cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-6291,https://securityvulnerability.io/vulnerability/CVE-2023-6291,Keycloak: redirect_uri validation bypass,"A flaw has been identified in the redirect_uri validation logic within Keycloak, a product developed by Red Hat. This vulnerability could potentially allow attackers to bypass explicitly allowed hosts, leading to unauthorized access. If exploited, it may enable the theft of access tokens, thereby allowing attackers to impersonate legitimate users and compromise sensitive data. Organizations using Keycloak should ensure they are aware of this issue and implement appropriate security measures to mitigate the risks associated with this vulnerability.",Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.7,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6,Migration Toolkit For Applications 6,Migration Toolkit For Applications 7,Openshift Serverless,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Fuse 7,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 6,Red Hat Process Automation 7",7.1,HIGH,0.0017099999822676182,false,false,false,false,,false,false,2024-01-26T14:23:43.185Z,0
CVE-2023-6927,https://securityvulnerability.io/vulnerability/CVE-2023-6927,"Keycloak: open redirect via ""form_post.jwt"" jarm response mode","A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode ""form_post.jwt"" which could be used to bypass the security patch implemented to address CVE-2023-6134.",Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.8,Red Hat Single Sign-on 7.0,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6",4.6,MEDIUM,0.00443999981507659,false,false,false,false,,false,false,2023-12-18T23:15:00.000Z,0
CVE-2023-6134,https://securityvulnerability.io/vulnerability/CVE-2023-6134,Keycloak: reflected xss via wildcard in oidc redirect_uri,"A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748.",Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.7,Red Hat Single Sign-on 7.0,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6",4.6,MEDIUM,0.001500000013038516,false,false,false,false,,false,false,2023-12-14T22:15:00.000Z,0
CVE-2023-6563,https://securityvulnerability.io/vulnerability/CVE-2023-6563,Keycloak: offline session token dos,"A memory consumption issue has been identified in Keycloak that can significantly impact performance in environments managing millions of offline tokens. This vulnerability can be exploited when an attacker opens the 'consents' tab in the admin User Interface after creating multiple user sessions. The UI's attempt to load extensive offline client sessions leads to excessive CPU and memory use, risking potential crashes of the system.",Red Hat,"Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6,Red Hat Build Of Keycloak",7.7,HIGH,0.001979999942705035,false,false,false,false,,false,false,2023-12-14T18:15:00.000Z,0