Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/rh-sso7-keycloak@9.0.10-1.redhat_00001.1?arch=el8sso
Type rpm
Namespace redhat
Name rh-sso7-keycloak
Version 9.0.10-1.redhat_00001.1
Qualifiers
arch el8sso
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-t22n-hvrb-67b5
vulnerability_id VCID-t22n-hvrb-67b5
summary
Authentication Bypass in keycloak
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using the Account REST API. This flaw allows an attacker to change their own NameID attribute to impersonate the admin user for any particular application.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json
1
reference_url https://access.redhat.com/security/cve/cve-2020-27826
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2020-27826
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27826
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37638
published_at 2026-04-13T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37668
published_at 2026-04-18T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37622
published_at 2026-04-07T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.37673
published_at 2026-04-08T12:55:00Z
4
value 0.00166
scoring_system epss
scoring_elements 0.37687
published_at 2026-04-09T12:55:00Z
5
value 0.00166
scoring_system epss
scoring_elements 0.377
published_at 2026-04-11T12:55:00Z
6
value 0.00166
scoring_system epss
scoring_elements 0.37666
published_at 2026-04-12T12:55:00Z
7
value 0.00166
scoring_system epss
scoring_elements 0.37538
published_at 2026-04-01T12:55:00Z
8
value 0.00166
scoring_system epss
scoring_elements 0.37685
published_at 2026-04-16T12:55:00Z
9
value 0.00166
scoring_system epss
scoring_elements 0.37719
published_at 2026-04-02T12:55:00Z
10
value 0.00166
scoring_system epss
scoring_elements 0.37744
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27826
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1905089
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1905089
4
reference_url https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-27826
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-27826
6
reference_url https://security.archlinux.org/AVG-1373
reference_id AVG-1373
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1373
7
reference_url https://github.com/advisories/GHSA-m9cj-v55f-8x26
reference_id GHSA-m9cj-v55f-8x26
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m9cj-v55f-8x26
8
reference_url https://access.redhat.com/errata/RHSA-2020:5526
reference_id RHSA-2020:5526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5526
9
reference_url https://access.redhat.com/errata/RHSA-2020:5527
reference_id RHSA-2020:5527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5527
10
reference_url https://access.redhat.com/errata/RHSA-2020:5528
reference_id RHSA-2020:5528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5528
11
reference_url https://access.redhat.com/errata/RHSA-2020:5533
reference_id RHSA-2020:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5533
fixed_packages
aliases CVE-2020-27826, GHSA-m9cj-v55f-8x26
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t22n-hvrb-67b5
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@9.0.10-1.redhat_00001.1%3Farch=el8sso