Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1?arch=el8sso
Typerpm
Namespaceredhat
Namerh-sso7-keycloak
Version4.8.18-1.Final_redhat_00001.1
Qualifiers
arch el8sso
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-gjy5-c6by-2ufg
vulnerability_id VCID-gjy5-c6by-2ufg
summary 
Improper Handling of Exceptional Conditions
A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1744.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1744.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1744
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56217
published_at 2026-04-08T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56227
published_at 2026-04-18T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56225
published_at 2026-04-16T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.56166
published_at 2026-04-07T12:55:00Z
4
value 0.00333
scoring_system epss
scoring_elements 0.56222
published_at 2026-04-09T12:55:00Z
5
value 0.00333
scoring_system epss
scoring_elements 0.56192
published_at 2026-04-13T12:55:00Z
6
value 0.00333
scoring_system epss
scoring_elements 0.56056
published_at 2026-04-01T12:55:00Z
7
value 0.00333
scoring_system epss
scoring_elements 0.56209
published_at 2026-04-12T12:55:00Z
8
value 0.00333
scoring_system epss
scoring_elements 0.56233
published_at 2026-04-11T12:55:00Z
9
value 0.00333
scoring_system epss
scoring_elements 0.56165
published_at 2026-04-02T12:55:00Z
10
value 0.00333
scoring_system epss
scoring_elements 0.56186
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1744
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1805792
reference_id 1805792
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1805792
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
6
reference_url https://access.redhat.com/security/cve/CVE-2020-1744
reference_id CVE-2020-1744
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2020-1744
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1744
reference_id CVE-2020-1744
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1744
8
reference_url https://github.com/advisories/GHSA-4gf2-xv97-63m2
reference_id GHSA-4gf2-xv97-63m2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4gf2-xv97-63m2
9
reference_url https://access.redhat.com/errata/RHSA-2020:0945
reference_id RHSA-2020:0945
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0945
10
reference_url https://access.redhat.com/errata/RHSA-2020:0946
reference_id RHSA-2020:0946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0946
11
reference_url https://access.redhat.com/errata/RHSA-2020:0947
reference_id RHSA-2020:0947
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0947
12
reference_url https://access.redhat.com/errata/RHSA-2020:0951
reference_id RHSA-2020:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0951
13
reference_url https://access.redhat.com/errata/RHSA-2020:2252
reference_id RHSA-2020:2252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2252
14
reference_url https://access.redhat.com/errata/RHSA-2020:2905
reference_id RHSA-2020:2905
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2905
fixed_packages
aliases CVE-2020-1744, GHSA-4gf2-xv97-63m2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjy5-c6by-2ufg
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1%3Farch=el8sso