Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-7nv2-691y-13a1

Summary keycloak: logout endpoint /oauth/logout?redirect=url can be abused to redirect logged in users to arbitrary web pages

Aliases

alias	CVE-2020-1723

Fixed_packages

url	pkg:alpm/archlinux/keycloak@16.0.0-1
purl	pkg:alpm/archlinux/keycloak@16.0.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/keycloak@16.0.0-1

Affected_packages

url pkg:alpm/archlinux/keycloak@15.0.2-1

purl pkg:alpm/archlinux/keycloak@15.0.2-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3248-31p8-tyd4

vulnerability	VCID-6ure-3hgz-xfgn

vulnerability	VCID-7nv2-691y-13a1

vulnerability	VCID-8zrg-f41g-pqfk

vulnerability	VCID-98yf-g4d3-u3g8

vulnerability	VCID-d1ua-u2v7-jqf8

vulnerability	VCID-gndk-728r-9yh7

vulnerability	VCID-hp5p-7wxk-v3eu

vulnerability	VCID-jprv-e2zb-v7bb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/keycloak@15.0.2-1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1723.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1723.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1723

reference_id

reference_type

scores

value	0.00155
scoring_system	epss
scoring_elements	0.36144
published_at	2026-04-01T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36339
published_at	2026-04-02T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36372
published_at	2026-04-04T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36207
published_at	2026-04-07T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36256
published_at	2026-04-08T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36275
published_at	2026-04-09T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.3628
published_at	2026-04-11T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36243
published_at	2026-04-12T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36219
published_at	2026-04-13T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36262
published_at	2026-04-16T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36246
published_at	2026-04-18T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36195
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1723

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1770276
reference_id	1770276
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1770276

reference_url

https://security.archlinux.org/AVG-1332

reference_id

AVG-1332

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1332

Weaknesses

cwe_id	601
name	URL Redirection to Untrusted Site ('Open Redirect')
description	A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

Exploits

Severity_range_score 4.3 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nv2-691y-13a1

Vulnerability Instance