Search for packages
| purl | pkg:rpm/redhat/rh-sso7-libunix-dbus-java@0.8.0-2?arch=el8sso |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-sk6p-vfu6-7kem
Aliases: CVE-2020-10776 GHSA-484q-784p-8m5h |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. This flaw allows an attacker to perform a Cross-site scripting attack. | There are no reported fixed by versions. |
|
VCID-th5p-51pd-3ffg
Aliases: CVE-2020-14389 GHSA-c9x9-xv66-xp3v |
Improper privilege management in Keycloak A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:04:03.242960+00:00 | RedHat Importer | Affected by | VCID-th5p-51pd-3ffg | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14389.json | 38.0.0 |
| 2026-04-01T14:04:03.133827+00:00 | RedHat Importer | Affected by | VCID-sk6p-vfu6-7kem | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10776.json | 38.0.0 |