Package Instance

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d

reference_url

reference_id

AVG-1332

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2021-3827

reference_url

reference_id

CVE-2021-3827

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2021-3827

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-3827

reference_id

CVE-2021-3827

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-3827

reference_url

https://github.com/advisories/GHSA-4pc7-vqv5-5r3v

reference_id

GHSA-4pc7-vqv5-5r3v

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4pc7-vqv5-5r3v

reference_url

https://github.com/keycloak/keycloak/security/advisories/GHSA-4pc7-vqv5-5r3v

reference_id

GHSA-4pc7-vqv5-5r3v

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/security/advisories/GHSA-4pc7-vqv5-5r3v

reference_url	https://access.redhat.com/errata/RHSA-2022:0151
reference_id	RHSA-2022:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0151

reference_url	https://access.redhat.com/errata/RHSA-2022:0152
reference_id	RHSA-2022:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0152

reference_url	https://access.redhat.com/errata/RHSA-2022:0155
reference_id	RHSA-2022:0155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0155

reference_url	https://access.redhat.com/errata/RHSA-2022:0164
reference_id	RHSA-2022:0164
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0164

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@18.0.0

purl pkg:maven/org.keycloak/keycloak-parent@18.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@18.0.0

aliases CVE-2021-3827, GHSA-4pc7-vqv5-5r3v, GMS-2022-1098

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4whe-byzu-uber

url VCID-84mv-ug5g-a3h9

vulnerability_id VCID-84mv-ug5g-a3h9

summary A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive regarding the formatting of the "Bearer" authentication scheme. It accepts non-standard characters (such as tabs) as separators and tolerates case variations that deviate from RFC 6750 specifications.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0707.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0707.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-0707

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06726
published_at	2026-06-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06705
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-0707

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/issues/49433

reference_url

reference_id

49433

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:54:59Z/

url

https://github.com/keycloak/keycloak/issues/49433

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:26.4::el9
reference_id	cpe:/a:redhat:build_keycloak:26.4::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:26.4::el9

reference_url

https://access.redhat.com/security/cve/CVE-2026-0707

reference_id

CVE-2026-0707

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:54:59Z/

url

https://access.redhat.com/security/cve/CVE-2026-0707

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-0707

reference_id

CVE-2026-0707

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-0707

reference_url

https://github.com/advisories/GHSA-gv94-wp4h-vv8p

reference_id

GHSA-gv94-wp4h-vv8p

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gv94-wp4h-vv8p

reference_url

https://access.redhat.com/errata/RHSA-2026:3947

reference_id

RHSA-2026:3947

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:54:59Z/

url

https://access.redhat.com/errata/RHSA-2026:3947

reference_url

https://access.redhat.com/errata/RHSA-2026:3948

reference_id

RHSA-2026:3948

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:54:59Z/

url

https://access.redhat.com/errata/RHSA-2026:3948

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2427768

reference_id

show_bug.cgi?id=2427768

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:54:59Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2427768

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@26.5.1

purl pkg:maven/org.keycloak/keycloak-parent@26.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@26.5.1

aliases CVE-2026-0707, GHSA-gv94-wp4h-vv8p

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84mv-ug5g-a3h9

url VCID-c2nr-hks8-4qg1

vulnerability_id VCID-c2nr-hks8-4qg1

summary A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3916

reference_id

reference_type

scores

value	0.00226
scoring_system	epss
scoring_elements	0.45714
published_at	2026-06-12T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45567
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3916

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-3916

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-3916

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id	cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8

reference_url

https://access.redhat.com/security/cve/CVE-2022-3916

reference_id

CVE-2022-3916

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/security/cve/CVE-2022-3916

reference_url

https://github.com/advisories/GHSA-97g8-xfvw-q4hg

reference_id

GHSA-97g8-xfvw-q4hg

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-97g8-xfvw-q4hg

reference_url

https://access.redhat.com/errata/RHSA-2022:8961

reference_id

RHSA-2022:8961

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2022:8961

reference_url

https://access.redhat.com/errata/RHSA-2022:8962

reference_id

RHSA-2022:8962

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2022:8962

reference_url

https://access.redhat.com/errata/RHSA-2022:8963

reference_id

RHSA-2022:8963

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2022:8963

reference_url

https://access.redhat.com/errata/RHSA-2022:8964

reference_id

RHSA-2022:8964

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2022:8964

reference_url

https://access.redhat.com/errata/RHSA-2022:8965

reference_id

RHSA-2022:8965

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2022:8965

reference_url

https://access.redhat.com/errata/RHSA-2023:1043

reference_id

RHSA-2023:1043

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2023:1043

reference_url

https://access.redhat.com/errata/RHSA-2023:1044

reference_id

RHSA-2023:1044

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2023:1044

reference_url

https://access.redhat.com/errata/RHSA-2023:1045

reference_id

RHSA-2023:1045

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2023:1045

reference_url

https://access.redhat.com/errata/RHSA-2023:1047

reference_id

RHSA-2023:1047

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2023:1047

reference_url

https://access.redhat.com/errata/RHSA-2023:1049

reference_id

RHSA-2023:1049

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://access.redhat.com/errata/RHSA-2023:1049

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2141404

reference_id

show_bug.cgi?id=2141404

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2141404

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@20.0.2

purl pkg:maven/org.keycloak/keycloak-parent@20.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@20.0.2

aliases CVE-2022-3916, GHSA-97g8-xfvw-q4hg, GMS-2022-8406

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2nr-hks8-4qg1

url VCID-cbrs-98sn-mqfq

vulnerability_id VCID-cbrs-98sn-mqfq

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1725.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1725.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1725

reference_id

reference_type

scores

value	0.00115
scoring_system	epss
scoring_elements	0.29757
published_at	2026-06-11T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.29954
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1725

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1765129

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1765129

reference_url

https://issues.redhat.com/browse/KEYCLOAK-16550

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/KEYCLOAK-16550

reference_url

reference_id

AVG-1332

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1725

reference_url

reference_id

CVE-2020-1725

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1725

reference_url

https://github.com/advisories/GHSA-p225-pc2x-4jpm

reference_id

GHSA-p225-pc2x-4jpm

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-p225-pc2x-4jpm

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@13.0.0

purl pkg:maven/org.keycloak/keycloak-parent@13.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4twr-q814-p7as

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@13.0.0

aliases CVE-2020-1725, GHSA-p225-pc2x-4jpm

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbrs-98sn-mqfq

url VCID-h6ky-xtx2-augv

vulnerability_id VCID-h6ky-xtx2-augv

summary Cross-site Scripting in keycloak

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10776.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10776.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10776

reference_id

reference_type

scores

value	0.00271
scoring_system	epss
scoring_elements	0.50841
published_at	2026-06-11T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50973
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10776

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1847428

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1847428

reference_url

https://github.com/keycloak/keycloak/commit/01be601dbdd77822827de173e34180d9322db85c

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/01be601dbdd77822827de173e34180d9322db85c

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10776

reference_id

CVE-2020-10776

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10776

reference_url

https://github.com/advisories/GHSA-484q-784p-8m5h

reference_id

GHSA-484q-784p-8m5h

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-484q-784p-8m5h

reference_url	https://access.redhat.com/errata/RHSA-2020:4929
reference_id	RHSA-2020:4929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4929

reference_url	https://access.redhat.com/errata/RHSA-2020:4930
reference_id	RHSA-2020:4930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4930

reference_url	https://access.redhat.com/errata/RHSA-2020:4931
reference_id	RHSA-2020:4931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4931

reference_url	https://access.redhat.com/errata/RHSA-2020:4932
reference_id	RHSA-2020:4932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4932

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@12.0.0

purl pkg:maven/org.keycloak/keycloak-parent@12.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4twr-q814-p7as

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-db3z-zawx-kuc4

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@12.0.0

aliases CVE-2020-10776, GHSA-484q-784p-8m5h

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6ky-xtx2-augv

url VCID-hvwy-pv1y-sqeg

vulnerability_id VCID-hvwy-pv1y-sqeg

summary Improper Authentication for Keycloak

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1718.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1718.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1718

reference_id

reference_type

scores

value	0.00367
scoring_system	epss
scoring_elements	0.59035
published_at	2026-06-11T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.59147
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1718

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1796756
reference_id	1796756
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1796756

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1718

reference_id

CVE-2020-1718

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1718

reference_url

https://github.com/advisories/GHSA-j229-2h63-rvh9

reference_id

GHSA-j229-2h63-rvh9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-j229-2h63-rvh9

reference_url	https://access.redhat.com/errata/RHSA-2020:2106
reference_id	RHSA-2020:2106
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2106

reference_url	https://access.redhat.com/errata/RHSA-2020:2107
reference_id	RHSA-2020:2107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2107

reference_url	https://access.redhat.com/errata/RHSA-2020:2108
reference_id	RHSA-2020:2108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2108

reference_url	https://access.redhat.com/errata/RHSA-2020:2112
reference_id	RHSA-2020:2112
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2112

reference_url	https://access.redhat.com/errata/RHSA-2020:2252
reference_id	RHSA-2020:2252
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2252

reference_url	https://access.redhat.com/errata/RHSA-2020:2905
reference_id	RHSA-2020:2905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2905

reference_url	https://access.redhat.com/errata/RHSA-2020:3196
reference_id	RHSA-2020:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3196

reference_url	https://access.redhat.com/errata/RHSA-2020:3197
reference_id	RHSA-2020:3197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3197

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@8.0.0

purl pkg:maven/org.keycloak/keycloak-parent@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18mj-nf1g-eudw

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-h6ky-xtx2-augv

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-mapz-gvsn-2qhj

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-rvcz-9csv-gfb4

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-v9s6-g89x-akbd

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

vulnerability	VCID-ztxp-j5gt-4qdb

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@8.0.0

aliases CVE-2020-1718, GHSA-j229-2h63-rvh9

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hvwy-pv1y-sqeg

url VCID-kj39-hw6e-3ugc

vulnerability_id VCID-kj39-hw6e-3ugc

summary Keycloak vulnerable to Stored Cross site Scripting (XSS) when loading default roles

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2256.json

reference_id

reference_type

scores

value	3.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2256.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2256

reference_id

reference_type

scores

value	0.00882
scoring_system	epss
scoring_elements	0.75882
published_at	2026-06-12T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75811
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2256

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2101942

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2101942

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/8e705a65ab2aa2b079374ec859ee7a75fad5a7d9

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/8e705a65ab2aa2b079374ec859ee7a75fad5a7d9

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-2256

reference_id

CVE-2022-2256

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-2256

reference_url

https://github.com/advisories/GHSA-w9mf-83w3-fv49

reference_id

GHSA-w9mf-83w3-fv49

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w9mf-83w3-fv49

reference_url

https://github.com/keycloak/keycloak/security/advisories/GHSA-w9mf-83w3-fv49

reference_id

GHSA-w9mf-83w3-fv49

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/security/advisories/GHSA-w9mf-83w3-fv49

reference_url	https://access.redhat.com/errata/RHSA-2022:6782
reference_id	RHSA-2022:6782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6782

reference_url	https://access.redhat.com/errata/RHSA-2022:6783
reference_id	RHSA-2022:6783
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6783

reference_url	https://access.redhat.com/errata/RHSA-2022:6787
reference_id	RHSA-2022:6787
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6787

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@19.0.2

purl pkg:maven/org.keycloak/keycloak-parent@19.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@19.0.2

aliases CVE-2022-2256, GHSA-w9mf-83w3-fv49

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kj39-hw6e-3ugc

url VCID-ktfu-j9gz-p7d1

vulnerability_id VCID-ktfu-j9gz-p7d1

summary Keycloak vulnerable to cross-site scripting via the state parameter

references

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14655.json

reference_url

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14655.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14655

reference_id

reference_type

scores

value	0.0022
scoring_system	epss
scoring_elements	0.44916
published_at	2026-06-12T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44765
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14655

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14655

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625396
reference_id	1625396
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625396

reference_url

reference_id

CVE-2018-14655

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14655

reference_url

https://github.com/advisories/GHSA-458h-wv48-fq75

reference_id

GHSA-458h-wv48-fq75

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-458h-wv48-fq75

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@4.0.0.Beta3

purl pkg:maven/org.keycloak/keycloak-parent@4.0.0.Beta3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18mj-nf1g-eudw

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-h6ky-xtx2-augv

vulnerability	VCID-hvwy-pv1y-sqeg

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-mapz-gvsn-2qhj

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-pasa-fk1x-dkdz

vulnerability	VCID-rvcz-9csv-gfb4

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-v9s6-g89x-akbd

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

vulnerability	VCID-zneb-4cqe-kyaj

vulnerability	VCID-ztxp-j5gt-4qdb

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@4.0.0.Beta3

url pkg:maven/org.keycloak/keycloak-parent@4.4.0.Final

purl pkg:maven/org.keycloak/keycloak-parent@4.4.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18mj-nf1g-eudw

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-h6ky-xtx2-augv

vulnerability	VCID-hvwy-pv1y-sqeg

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-mapz-gvsn-2qhj

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-rvcz-9csv-gfb4

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-v9s6-g89x-akbd

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

vulnerability	VCID-zneb-4cqe-kyaj

vulnerability	VCID-ztxp-j5gt-4qdb

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@4.4.0.Final

aliases CVE-2018-14655, GHSA-458h-wv48-fq75

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ktfu-j9gz-p7d1

url VCID-kyss-1ab7-77ef

vulnerability_id VCID-kyss-1ab7-77ef

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3513.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3513.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3513

reference_id

reference_type

scores

value	0.00201
scoring_system	epss
scoring_elements	0.42315
published_at	2026-06-12T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.4215
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3513

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1953439

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1953439

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/pull/7976

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/pull/7976

reference_url	https://security.archlinux.org/ASA-202105-6
reference_id	ASA-202105-6
reference_type
scores
url	https://security.archlinux.org/ASA-202105-6

reference_url

https://security.archlinux.org/AVG-1926

reference_id

AVG-1926

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1926

reference_url

https://access.redhat.com/security/cve/CVE-2021-3513

reference_id

CVE-2021-3513

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2021-3513

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-3513

reference_id

CVE-2021-3513

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-3513

reference_url

https://github.com/advisories/GHSA-xv7h-95r7-595j

reference_id

GHSA-xv7h-95r7-595j

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xv7h-95r7-595j

reference_url	https://access.redhat.com/errata/RHSA-2021:3527
reference_id	RHSA-2021:3527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3527

reference_url	https://access.redhat.com/errata/RHSA-2021:3528
reference_id	RHSA-2021:3528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3528

reference_url	https://access.redhat.com/errata/RHSA-2021:3529
reference_id	RHSA-2021:3529
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3529

reference_url	https://access.redhat.com/errata/RHSA-2021:3534
reference_id	RHSA-2021:3534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3534

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@13.0.0

purl pkg:maven/org.keycloak/keycloak-parent@13.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4twr-q814-p7as

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@13.0.0

aliases CVE-2021-3513, GHSA-xv7h-95r7-595j

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kyss-1ab7-77ef

url VCID-mapz-gvsn-2qhj

vulnerability_id VCID-mapz-gvsn-2qhj

summary Cross-site Scripting in Keycloak

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10748.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10748.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10748

reference_id

reference_type

scores

value	0.00354
scoring_system	epss
scoring_elements	0.58125
published_at	2026-06-11T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.58239
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10748

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1836786

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1836786

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10748

reference_id

CVE-2020-10748

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10748

reference_url

https://github.com/advisories/GHSA-hgpg-593r-hhvp

reference_id

GHSA-hgpg-593r-hhvp

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hgpg-593r-hhvp

reference_url	https://access.redhat.com/errata/RHSA-2020:2813
reference_id	RHSA-2020:2813
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2813

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@10.0.2

purl pkg:maven/org.keycloak/keycloak-parent@10.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18mj-nf1g-eudw

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-db3z-zawx-kuc4

vulnerability	VCID-h6ky-xtx2-augv

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-rvcz-9csv-gfb4

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@10.0.2

aliases CVE-2020-10748, GHSA-hgpg-593r-hhvp

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mapz-gvsn-2qhj

url VCID-p3em-yab1-6bbk

vulnerability_id VCID-p3em-yab1-6bbk

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14359.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14359.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14359

reference_id

reference_type

scores

value	0.00259
scoring_system	epss
scoring_elements	0.49561
published_at	2026-06-11T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49698
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14359

reference_url

https://github.com/keycloak/keycloak-gatekeeper

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak-gatekeeper

reference_url

https://github.com/keycloak/keycloak/issues/12934

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/issues/12934

reference_url

https://issues.jboss.org/browse/KEYCLOAK-14090

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.jboss.org/browse/KEYCLOAK-14090

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-14359

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-14359

reference_url

https://web.archive.org/web/20190613000352/github.com/keycloak/keycloak-gatekeeper

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20190613000352/github.com/keycloak/keycloak-gatekeeper

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1868591

reference_id

1868591

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1868591

reference_url

reference_id

AVG-1332

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://github.com/advisories/GHSA-jh6m-3pqw-242h
reference_id	GHSA-jh6m-3pqw-242h
reference_type
scores
url	https://github.com/advisories/GHSA-jh6m-3pqw-242h

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@13.0.0

purl pkg:maven/org.keycloak/keycloak-parent@13.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4twr-q814-p7as

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@13.0.0

aliases CVE-2020-14359, GHSA-jh6m-3pqw-242h

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p3em-yab1-6bbk

url VCID-pasa-fk1x-dkdz

vulnerability_id VCID-pasa-fk1x-dkdz

summary Keycloak Improper Bruteforce Detection

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14657.json

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14657.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14657

reference_id

reference_type

scores

value	0.00346
scoring_system	epss
scoring_elements	0.57679
published_at	2026-06-12T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57563
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14657

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14657

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625404
reference_id	1625404
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625404

reference_url

reference_id

CVE-2018-14657

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14657

reference_url

https://github.com/advisories/GHSA-85v8-vx4w-q684

reference_id

GHSA-85v8-vx4w-q684

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-85v8-vx4w-q684

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@4.4.0.Final

purl pkg:maven/org.keycloak/keycloak-parent@4.4.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18mj-nf1g-eudw

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-h6ky-xtx2-augv

vulnerability	VCID-hvwy-pv1y-sqeg

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-mapz-gvsn-2qhj

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-rvcz-9csv-gfb4

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-v9s6-g89x-akbd

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

vulnerability	VCID-zneb-4cqe-kyaj

vulnerability	VCID-ztxp-j5gt-4qdb

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@4.4.0.Final

url pkg:maven/org.keycloak/keycloak-parent@4.6.0.Final

purl pkg:maven/org.keycloak/keycloak-parent@4.6.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18mj-nf1g-eudw

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-h6ky-xtx2-augv

vulnerability	VCID-hvwy-pv1y-sqeg

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-mapz-gvsn-2qhj

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-rvcz-9csv-gfb4

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-v9s6-g89x-akbd

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

vulnerability	VCID-zneb-4cqe-kyaj

vulnerability	VCID-ztxp-j5gt-4qdb

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@4.6.0.Final

aliases CVE-2018-14657, GHSA-85v8-vx4w-q684

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pasa-fk1x-dkdz

url VCID-rvcz-9csv-gfb4

vulnerability_id VCID-rvcz-9csv-gfb4

summary directory traversal

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14366.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14366.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14366

reference_id

reference_type

scores

value	0.00384
scoring_system	epss
scoring_elements	0.60091
published_at	2026-06-11T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.60198
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14366

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14366

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14366

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1869764
reference_id	1869764
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1869764

reference_url

https://security.archlinux.org/AVG-1471

reference_id

AVG-1471

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1471

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-14366

reference_id

CVE-2020-14366

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-14366

reference_url

https://github.com/advisories/GHSA-cp67-8w3w-6h9c

reference_id

GHSA-cp67-8w3w-6h9c

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cp67-8w3w-6h9c

reference_url	https://access.redhat.com/errata/RHSA-2020:4931
reference_id	RHSA-2020:4931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4931

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@12.0.0

purl pkg:maven/org.keycloak/keycloak-parent@12.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4twr-q814-p7as

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-db3z-zawx-kuc4

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@12.0.0

aliases CVE-2020-14366, GHSA-cp67-8w3w-6h9c

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rvcz-9csv-gfb4

url VCID-u9df-phf1-83gr

vulnerability_id VCID-u9df-phf1-83gr

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3632.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3632.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3632

reference_id

reference_type

scores

value	0.00503
scoring_system	epss
scoring_elements	0.66537
published_at	2026-06-11T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66629
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3632

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1978196

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1978196

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4

reference_url

https://github.com/keycloak/keycloak/pull/8203

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/pull/8203

reference_url

https://issues.redhat.com/browse/KEYCLOAK-18500

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/KEYCLOAK-18500

reference_url

reference_id

AVG-1332

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2021-3632

reference_url

reference_id

CVE-2021-3632

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2021-3632

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-3632

reference_id

CVE-2021-3632

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-3632

reference_url

https://github.com/advisories/GHSA-qpq9-jpv4-6gwr

reference_id

GHSA-qpq9-jpv4-6gwr

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qpq9-jpv4-6gwr

reference_url	https://access.redhat.com/errata/RHSA-2021:3527
reference_id	RHSA-2021:3527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3527

reference_url	https://access.redhat.com/errata/RHSA-2021:3528
reference_id	RHSA-2021:3528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3528

reference_url	https://access.redhat.com/errata/RHSA-2021:3529
reference_id	RHSA-2021:3529
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3529

reference_url	https://access.redhat.com/errata/RHSA-2021:3534
reference_id	RHSA-2021:3534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3534

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@15.1.0

purl pkg:maven/org.keycloak/keycloak-parent@15.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4twr-q814-p7as

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@15.1.0

aliases CVE-2021-3632, GHSA-qpq9-jpv4-6gwr

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9df-phf1-83gr

url VCID-v9s6-g89x-akbd

vulnerability_id VCID-v9s6-g89x-akbd

summary Incorrect Permission Assignment for Critical Resource and Permissive List of Allowed Inputs in Keycloak

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1694.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1694.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1694

reference_id

reference_type

scores

value	0.00275
scoring_system	epss
scoring_elements	0.51281
published_at	2026-06-11T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51412
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1694

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1790759

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1790759

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1694

reference_id

CVE-2020-1694

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1694

reference_url

https://github.com/advisories/GHSA-72j4-94rx-cr6w

reference_id

GHSA-72j4-94rx-cr6w

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-72j4-94rx-cr6w

reference_url	https://access.redhat.com/errata/RHSA-2020:2813
reference_id	RHSA-2020:2813
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2813

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@10.0.0

purl pkg:maven/org.keycloak/keycloak-parent@10.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18mj-nf1g-eudw

vulnerability	VCID-3rur-12kv-m7hb

vulnerability	VCID-4whe-byzu-uber

vulnerability	VCID-7xs3-dzkt-tfgq

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-cbrs-98sn-mqfq

vulnerability	VCID-db3z-zawx-kuc4

vulnerability	VCID-h6ky-xtx2-augv

vulnerability	VCID-kj39-hw6e-3ugc

vulnerability	VCID-kyss-1ab7-77ef

vulnerability	VCID-mapz-gvsn-2qhj

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-p3em-yab1-6bbk

vulnerability	VCID-rvcz-9csv-gfb4

vulnerability	VCID-u9df-phf1-83gr

vulnerability	VCID-we56-zj4r-eqdw

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@10.0.0

aliases CVE-2020-1694, GHSA-72j4-94rx-cr6w

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9s6-g89x-akbd

url VCID-we56-zj4r-eqdw

vulnerability_id VCID-we56-zj4r-eqdw

summary Keycloak SAML javascript protocol mapper: Uploading of scripts through admin console

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2668.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2668.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2668

reference_id

reference_type

scores

value	0.00473
scoring_system	epss
scoring_elements	0.65261
published_at	2026-06-12T12:55:00Z

value	0.00473
scoring_system	epss
scoring_elements	0.6516
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2668

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2115392

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2115392

reference_url

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/e2ae7eef39b27e48ffa4764995d558555f02838c

reference_url

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/e2ae7eef39b27e48ffa4764995d558555f02838c

reference_url

https://access.redhat.com/security/cve/CVE-2022-2668

reference_id

CVE-2022-2668

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2022-2668

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-2668

reference_id

CVE-2022-2668

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-2668

reference_url

https://github.com/advisories/GHSA-wf7g-7h6h-678v

reference_id

GHSA-wf7g-7h6h-678v

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wf7g-7h6h-678v

reference_url

https://github.com/keycloak/keycloak/security/advisories/GHSA-wf7g-7h6h-678v

reference_id

GHSA-wf7g-7h6h-678v

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/security/advisories/GHSA-wf7g-7h6h-678v

reference_url	https://access.redhat.com/errata/RHSA-2022:6782
reference_id	RHSA-2022:6782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6782

reference_url	https://access.redhat.com/errata/RHSA-2022:6783
reference_id	RHSA-2022:6783
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6783

reference_url	https://access.redhat.com/errata/RHSA-2022:6787
reference_id	RHSA-2022:6787
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6787

reference_url	https://access.redhat.com/errata/RHSA-2022:7409
reference_id	RHSA-2022:7409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7409

reference_url	https://access.redhat.com/errata/RHSA-2022:7410
reference_id	RHSA-2022:7410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7410

reference_url	https://access.redhat.com/errata/RHSA-2022:7411
reference_id	RHSA-2022:7411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7411

reference_url	https://access.redhat.com/errata/RHSA-2022:7417
reference_id	RHSA-2022:7417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7417

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@19.0.2

purl pkg:maven/org.keycloak/keycloak-parent@19.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-wfeg-6241-cucs

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@19.0.2

aliases CVE-2022-2668, GHSA-wf7g-7h6h-678v

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-we56-zj4r-eqdw

url VCID-wfeg-6241-cucs

vulnerability_id VCID-wfeg-6241-cucs

summary A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6291.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6291.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6291

reference_id

reference_type

scores

value	0.00181
scoring_system	epss
scoring_elements	0.39499
published_at	2026-06-11T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.3967
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6291

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/b2e91105315ccf2c1df549b4f6c5948322cbfd1b

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/commit/b2e91105315ccf2c1df549b4f6c5948322cbfd1b

reference_url

https://github.com/keycloak/keycloak/security/advisories/GHSA-mpwq-j3xf-7m5w

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keycloak/keycloak/security/advisories/GHSA-mpwq-j3xf-7m5w

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-6291

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-6291

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22
reference_id	cpe:/a:redhat:build_keycloak:22
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9
reference_id	cpe:/a:redhat:build_keycloak:22::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
reference_id	cpe:/a:redhat:jboss_data_grid:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
reference_id	cpe:/a:redhat:jboss_data_grid:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id	cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_id	cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id	cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:6
reference_id	cpe:/a:redhat:migration_toolkit_applications:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:7
reference_id	cpe:/a:redhat:migration_toolkit_applications:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.6
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6.6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id	cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
reference_id	cpe:/a:redhat:serverless:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1

reference_url

https://access.redhat.com/security/cve/CVE-2023-6291

reference_id

CVE-2023-6291

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/security/cve/CVE-2023-6291

reference_url

https://github.com/advisories/GHSA-mpwq-j3xf-7m5w

reference_id

GHSA-mpwq-j3xf-7m5w

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mpwq-j3xf-7m5w

reference_url

https://access.redhat.com/errata/RHSA-2023:7854

reference_id

RHSA-2023:7854

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2023:7854

reference_url

https://access.redhat.com/errata/RHSA-2023:7855

reference_id

RHSA-2023:7855

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2023:7855

reference_url

https://access.redhat.com/errata/RHSA-2023:7856

reference_id

RHSA-2023:7856

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2023:7856

reference_url

https://access.redhat.com/errata/RHSA-2023:7857

reference_id

RHSA-2023:7857

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2023:7857

reference_url

https://access.redhat.com/errata/RHSA-2023:7858

reference_id

RHSA-2023:7858

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2023:7858

reference_url

https://access.redhat.com/errata/RHSA-2023:7860

reference_id

RHSA-2023:7860

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2023:7860

reference_url

https://access.redhat.com/errata/RHSA-2023:7861

reference_id

RHSA-2023:7861

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2023:7861

reference_url

https://access.redhat.com/errata/RHSA-2024:0798

reference_id

RHSA-2024:0798

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2024:0798

reference_url

https://access.redhat.com/errata/RHSA-2024:0799

reference_id

RHSA-2024:0799

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2024:0799

reference_url

https://access.redhat.com/errata/RHSA-2024:0800

reference_id

RHSA-2024:0800

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2024:0800

reference_url

https://access.redhat.com/errata/RHSA-2024:0801

reference_id

RHSA-2024:0801

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2024:0801

reference_url

https://access.redhat.com/errata/RHSA-2024:0804

reference_id

RHSA-2024:0804

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://access.redhat.com/errata/RHSA-2024:0804

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2251407

reference_id

show_bug.cgi?id=2251407

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2251407

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@23.0.0

purl pkg:maven/org.keycloak/keycloak-parent@23.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-84mv-ug5g-a3h9

vulnerability	VCID-nw7d-d5r1-kua8

vulnerability	VCID-wsxe-rr25-efbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@23.0.0

aliases CVE-2023-6291, GHSA-mpwq-j3xf-7m5w

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfeg-6241-cucs

url VCID-wsxe-rr25-efbc

vulnerability_id VCID-wsxe-rr25-efbc

summary A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1518.json

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1518.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-1518

reference_id

reference_type

scores

value	0.00013
scoring_system	epss
scoring_elements	0.02144
published_at	2026-06-12T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02141
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-1518

reference_url

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2026-1518

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:
reference_id	cpe:/a:redhat:build_keycloak:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:

reference_url

reference_id

CVE-2026-1518

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T14:03:51Z/

url

https://access.redhat.com/security/cve/CVE-2026-1518

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-1518

reference_id

CVE-2026-1518

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-1518

reference_url

https://github.com/advisories/GHSA-fwhw-chw4-gh37

reference_id

GHSA-fwhw-chw4-gh37

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fwhw-chw4-gh37

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2433727

reference_id

show_bug.cgi?id=2433727

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T14:03:51Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2433727

fixed_packages

url pkg:maven/org.keycloak/keycloak-parent@26.5.3

purl pkg:maven/org.keycloak/keycloak-parent@26.5.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nw7d-d5r1-kua8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@26.5.3

aliases CVE-2026-1518, GHSA-fwhw-chw4-gh37

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wsxe-rr25-efbc

url VCID-zneb-4cqe-kyaj

vulnerability_id VCID-zneb-4cqe-kyaj

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1717.json

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1717.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1717

reference_id

reference_type

scores

value	0.00183
scoring_system	epss
scoring_elements	0.39865
published_at	2026-06-11T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40035
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1717

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1796281

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1796281

reference_url

https://issues.jboss.org/browse/KEYCLOAK-12014

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://issues.jboss.org/browse/KEYCLOAK-12014

reference_url

reference_id

AVG-1332

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url