Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-sso7-keycloak@3.4.14-1.Final_redhat_00001.1.jbcs?arch=el7
Typerpm
Namespaceredhat
Namerh-sso7-keycloak
Version3.4.14-1.Final_redhat_00001.1.jbcs
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-78nt-79j3-k3fh
vulnerability_id VCID-78nt-79j3-k3fh
summary 
Cross-site Scripting
When using `response_mode=form_post` it is possible to inject arbitrary Javascript-Code via the `state`-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:3592
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3592
1
reference_url https://access.redhat.com/errata/RHSA-2018:3593
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3593
2
reference_url https://access.redhat.com/errata/RHSA-2018:3595
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3595
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14655.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14655.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14655
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44671
published_at 2026-04-12T12:55:00Z
1
value 0.0022
scoring_system epss
scoring_elements 0.4465
published_at 2026-04-21T12:55:00Z
2
value 0.0022
scoring_system epss
scoring_elements 0.4472
published_at 2026-04-18T12:55:00Z
3
value 0.0022
scoring_system epss
scoring_elements 0.44684
published_at 2026-04-09T12:55:00Z
4
value 0.0022
scoring_system epss
scoring_elements 0.44701
published_at 2026-04-11T12:55:00Z
5
value 0.0022
scoring_system epss
scoring_elements 0.44728
published_at 2026-04-16T12:55:00Z
6
value 0.0022
scoring_system epss
scoring_elements 0.44672
published_at 2026-04-13T12:55:00Z
7
value 0.0022
scoring_system epss
scoring_elements 0.44593
published_at 2026-04-01T12:55:00Z
8
value 0.0022
scoring_system epss
scoring_elements 0.44673
published_at 2026-04-02T12:55:00Z
9
value 0.0022
scoring_system epss
scoring_elements 0.44694
published_at 2026-04-04T12:55:00Z
10
value 0.0022
scoring_system epss
scoring_elements 0.44631
published_at 2026-04-07T12:55:00Z
11
value 0.0022
scoring_system epss
scoring_elements 0.44682
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14655
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655
6
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1625396
reference_id 1625396
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1625396
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14655
reference_id CVE-2018-14655
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14655
9
reference_url https://github.com/advisories/GHSA-458h-wv48-fq75
reference_id GHSA-458h-wv48-fq75
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-458h-wv48-fq75
fixed_packages
aliases CVE-2018-14655, GHSA-458h-wv48-fq75
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-78nt-79j3-k3fh
1
url VCID-evqq-d8uz-9be1
vulnerability_id VCID-evqq-d8uz-9be1
summary 
Improper Authentication
When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:3592
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3592
1
reference_url https://access.redhat.com/errata/RHSA-2018:3593
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3593
2
reference_url https://access.redhat.com/errata/RHSA-2018:3595
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3595
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14657.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14657.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14657
reference_id
reference_type
scores
0
value 0.00365
scoring_system epss
scoring_elements 0.5855
published_at 2026-04-18T12:55:00Z
1
value 0.00365
scoring_system epss
scoring_elements 0.58476
published_at 2026-04-07T12:55:00Z
2
value 0.00365
scoring_system epss
scoring_elements 0.58528
published_at 2026-04-21T12:55:00Z
3
value 0.00365
scoring_system epss
scoring_elements 0.58534
published_at 2026-04-09T12:55:00Z
4
value 0.00365
scoring_system epss
scoring_elements 0.58551
published_at 2026-04-11T12:55:00Z
5
value 0.00365
scoring_system epss
scoring_elements 0.58532
published_at 2026-04-12T12:55:00Z
6
value 0.00365
scoring_system epss
scoring_elements 0.58512
published_at 2026-04-13T12:55:00Z
7
value 0.00365
scoring_system epss
scoring_elements 0.58545
published_at 2026-04-16T12:55:00Z
8
value 0.00365
scoring_system epss
scoring_elements 0.58399
published_at 2026-04-01T12:55:00Z
9
value 0.00365
scoring_system epss
scoring_elements 0.58485
published_at 2026-04-02T12:55:00Z
10
value 0.00365
scoring_system epss
scoring_elements 0.58505
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14657
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657
6
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1625404
reference_id 1625404
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1625404
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14657
reference_id CVE-2018-14657
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14657
9
reference_url https://github.com/advisories/GHSA-85v8-vx4w-q684
reference_id GHSA-85v8-vx4w-q684
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-85v8-vx4w-q684
fixed_packages
aliases CVE-2018-14657, GHSA-85v8-vx4w-q684
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-evqq-d8uz-9be1
2
url VCID-hgu6-1a6g-13bw
vulnerability_id VCID-hgu6-1a6g-13bw
summary The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14637.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14637.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14637
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48527
published_at 2026-04-21T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48539
published_at 2026-04-11T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48512
published_at 2026-04-12T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.48525
published_at 2026-04-13T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48575
published_at 2026-04-16T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.4857
published_at 2026-04-18T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.48455
published_at 2026-04-01T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48492
published_at 2026-04-02T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.48514
published_at 2026-04-04T12:55:00Z
9
value 0.00252
scoring_system epss
scoring_elements 0.48467
published_at 2026-04-07T12:55:00Z
10
value 0.00252
scoring_system epss
scoring_elements 0.48521
published_at 2026-04-08T12:55:00Z
11
value 0.00252
scoring_system epss
scoring_elements 0.48517
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14637
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637
3
reference_url https://github.com/keycloak/keycloak/commit/0fe0b875d63cce3d2855d85d25bb8757bce13eb1
reference_id
reference_type
scores
url https://github.com/keycloak/keycloak/commit/0fe0b875d63cce3d2855d85d25bb8757bce13eb1
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1627851
reference_id 1627851
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1627851
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14637
reference_id CVE-2018-14637
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14637
6
reference_url https://github.com/advisories/GHSA-gf2j-7qwg-4f5x
reference_id GHSA-gf2j-7qwg-4f5x
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gf2j-7qwg-4f5x
fixed_packages
aliases CVE-2018-14637, GHSA-gf2j-7qwg-4f5x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgu6-1a6g-13bw
3
url VCID-qexf-7axp-9kas
vulnerability_id VCID-qexf-7axp-9kas
summary 
Improper Certificate Validation
It was found that SAML authentication in Keycloak incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:3592
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3592
1
reference_url https://access.redhat.com/errata/RHSA-2018:3593
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3593
2
reference_url https://access.redhat.com/errata/RHSA-2018:3595
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3595
3
reference_url https://access.redhat.com/errata/RHSA-2019:0877
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0877
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10894.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10894.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10894
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17237
published_at 2026-04-09T12:55:00Z
1
value 0.00054
scoring_system epss
scoring_elements 0.17084
published_at 2026-04-21T12:55:00Z
2
value 0.00054
scoring_system epss
scoring_elements 0.1705
published_at 2026-04-18T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.17045
published_at 2026-04-16T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.17107
published_at 2026-04-13T12:55:00Z
5
value 0.00054
scoring_system epss
scoring_elements 0.17089
published_at 2026-04-07T12:55:00Z
6
value 0.00054
scoring_system epss
scoring_elements 0.1718
published_at 2026-04-08T12:55:00Z
7
value 0.00054
scoring_system epss
scoring_elements 0.17215
published_at 2026-04-11T12:55:00Z
8
value 0.00054
scoring_system epss
scoring_elements 0.17167
published_at 2026-04-12T12:55:00Z
9
value 0.00054
scoring_system epss
scoring_elements 0.17088
published_at 2026-04-01T12:55:00Z
10
value 0.00054
scoring_system epss
scoring_elements 0.1726
published_at 2026-04-02T12:55:00Z
11
value 0.00054
scoring_system epss
scoring_elements 0.1731
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10894
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10894
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10894
7
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
8
reference_url https://github.com/keycloak/keycloak/commit/812e76c39b1e693e8f11e5549cca2c90631f372e
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/812e76c39b1e693e8f11e5549cca2c90631f372e
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1599434
reference_id 1599434
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1599434
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10894
reference_id CVE-2018-10894
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10894
11
reference_url https://github.com/advisories/GHSA-xvv8-8wh9-9fh2
reference_id GHSA-xvv8-8wh9-9fh2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xvv8-8wh9-9fh2
fixed_packages
aliases CVE-2018-10894, GHSA-xvv8-8wh9-9fh2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qexf-7axp-9kas
4
url VCID-vnp3-9ddj-qfa2
vulnerability_id VCID-vnp3-9ddj-qfa2
summary A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for both Login and Logout are not normalized in org.keycloak.protocol.oidc.utils.RedirectUtils before the redirect url is verified. This can lead to an Open Redirection attack
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:3592
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3592
1
reference_url https://access.redhat.com/errata/RHSA-2018:3593
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3593
2
reference_url https://access.redhat.com/errata/RHSA-2018:3595
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3595
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14658.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14658.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14658
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47069
published_at 2026-04-21T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47064
published_at 2026-04-09T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47088
published_at 2026-04-11T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47062
published_at 2026-04-12T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.47125
published_at 2026-04-16T12:55:00Z
5
value 0.0024
scoring_system epss
scoring_elements 0.4712
published_at 2026-04-18T12:55:00Z
6
value 0.0024
scoring_system epss
scoring_elements 0.47009
published_at 2026-04-01T12:55:00Z
7
value 0.0024
scoring_system epss
scoring_elements 0.47046
published_at 2026-04-02T12:55:00Z
8
value 0.0024
scoring_system epss
scoring_elements 0.47066
published_at 2026-04-04T12:55:00Z
9
value 0.0024
scoring_system epss
scoring_elements 0.47013
published_at 2026-04-07T12:55:00Z
10
value 0.0024
scoring_system epss
scoring_elements 0.47068
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14658
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14658
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14658
6
reference_url https://github.com/keycloak/keycloak/commit/a957e118e6efb35fe7ef3a62acd66341a6523cb7
reference_id
reference_type
scores
url https://github.com/keycloak/keycloak/commit/a957e118e6efb35fe7ef3a62acd66341a6523cb7
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1625409
reference_id 1625409
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1625409
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14658
reference_id CVE-2018-14658
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14658
9
reference_url https://github.com/advisories/GHSA-3qh2-mccc-q5m6
reference_id GHSA-3qh2-mccc-q5m6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3qh2-mccc-q5m6
fixed_packages
aliases CVE-2018-14658, GHSA-3qh2-mccc-q5m6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vnp3-9ddj-qfa2
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@3.4.14-1.Final_redhat_00001.1.jbcs%3Farch=el7