Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.keycloak/keycloak-core@2.1.0.Final
Typemaven
Namespaceorg.keycloak
Namekeycloak-core
Version2.1.0.Final
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version26.1.3
Latest_non_vulnerable_version26.1.3
Affected_by_vulnerabilities
0
url VCID-1ewb-gxkb-j3cn
vulnerability_id VCID-1ewb-gxkb-j3cn
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1714.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1714.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1714
reference_id
reference_type
scores
0
value 0.02152
scoring_system epss
scoring_elements 0.8468
published_at 2026-06-14T12:55:00Z
1
value 0.02152
scoring_system epss
scoring_elements 0.84679
published_at 2026-06-12T12:55:00Z
2
value 0.02152
scoring_system epss
scoring_elements 0.84626
published_at 2026-06-11T12:55:00Z
3
value 0.02152
scoring_system epss
scoring_elements 0.84688
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1714
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/commit/33863ba16117844930a38ebde57a25258f5b80fd
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/33863ba16117844930a38ebde57a25258f5b80fd
5
reference_url https://github.com/keycloak/keycloak/pull/7053
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/7053
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1705975
reference_id 1705975
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1705975
7
reference_url https://security.archlinux.org/ASA-202005-8
reference_id ASA-202005-8
reference_type
scores
url https://security.archlinux.org/ASA-202005-8
8
reference_url https://security.archlinux.org/AVG-1158
reference_id AVG-1158
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1158
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1714
reference_id CVE-2020-1714
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1714
10
reference_url https://github.com/advisories/GHSA-m6mm-q862-j366
reference_id GHSA-m6mm-q862-j366
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m6mm-q862-j366
11
reference_url https://access.redhat.com/errata/RHSA-2020:2813
reference_id RHSA-2020:2813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2813
12
reference_url https://access.redhat.com/errata/RHSA-2020:2814
reference_id RHSA-2020:2814
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2814
13
reference_url https://access.redhat.com/errata/RHSA-2020:2816
reference_id RHSA-2020:2816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2816
14
reference_url https://access.redhat.com/errata/RHSA-2020:2905
reference_id RHSA-2020:2905
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2905
15
reference_url https://access.redhat.com/errata/RHSA-2020:3017
reference_id RHSA-2020:3017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3017
16
reference_url https://access.redhat.com/errata/RHSA-2020:3675
reference_id RHSA-2020:3675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3675
17
reference_url https://access.redhat.com/errata/RHSA-2020:3678
reference_id RHSA-2020:3678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3678
18
reference_url https://access.redhat.com/errata/RHSA-2020:4252
reference_id RHSA-2020:4252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4252
19
reference_url https://access.redhat.com/errata/RHSA-2020:5568
reference_id RHSA-2020:5568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5568
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@11.0.0
purl pkg:maven/org.keycloak/keycloak-core@11.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-3mcs-n479-zydu
2
vulnerability VCID-7q52-ujxg-pyg4
3
vulnerability VCID-7xus-anmm-9ba3
4
vulnerability VCID-b99p-3rqx-v7b4
5
vulnerability VCID-bvmd-z1hf-5yef
6
vulnerability VCID-c2nr-hks8-4qg1
7
vulnerability VCID-cbrs-98sn-mqfq
8
vulnerability VCID-czc3-kxs3-yfdt
9
vulnerability VCID-db3z-zawx-kuc4
10
vulnerability VCID-ejyg-88gf-sfbh
11
vulnerability VCID-fmep-x7k1-37aj
12
vulnerability VCID-h6ky-xtx2-augv
13
vulnerability VCID-kdwj-wspq-1ket
14
vulnerability VCID-kyss-1ab7-77ef
15
vulnerability VCID-m7ec-ad95-87aa
16
vulnerability VCID-q1jj-f5rg-57b1
17
vulnerability VCID-qbxs-9gb1-dbe3
18
vulnerability VCID-sbyx-da8j-mqfx
19
vulnerability VCID-sg1r-gdub-fba1
20
vulnerability VCID-u9df-phf1-83gr
21
vulnerability VCID-utd3-fu1x-augq
22
vulnerability VCID-wfeg-6241-cucs
23
vulnerability VCID-yb4r-xbbq-47en
24
vulnerability VCID-ymg3-rjrx-pkan
25
vulnerability VCID-z5qm-jh27-skdr
26
vulnerability VCID-z5yv-y145-abeh
27
vulnerability VCID-z8cr-qt2v-rkgn
28
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@11.0.0
aliases CVE-2020-1714, GHSA-m6mm-q862-j366
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ewb-gxkb-j3cn
1
url VCID-1twj-46mj-vbeg
vulnerability_id VCID-1twj-46mj-vbeg
summary Improper Restriction of Rendered UI Layers or Frames in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1728.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1728.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1728
reference_id
reference_type
scores
0
value 0.00134
scoring_system epss
scoring_elements 0.32694
published_at 2026-06-12T12:55:00Z
1
value 0.00134
scoring_system epss
scoring_elements 0.32513
published_at 2026-06-11T12:55:00Z
2
value 0.00134
scoring_system epss
scoring_elements 0.32693
published_at 2026-06-14T12:55:00Z
3
value 0.00134
scoring_system epss
scoring_elements 0.32716
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1728
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1728
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1728
3
reference_url https://issues.redhat.com/browse/KEYCLOAK-12264
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-12264
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1800585
reference_id 1800585
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1800585
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1728
reference_id CVE-2020-1728
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1728
6
reference_url https://github.com/advisories/GHSA-3gg7-9q2x-79fc
reference_id GHSA-3gg7-9q2x-79fc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3gg7-9q2x-79fc
7
reference_url https://access.redhat.com/errata/RHSA-2020:3495
reference_id RHSA-2020:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3495
8
reference_url https://access.redhat.com/errata/RHSA-2020:3496
reference_id RHSA-2020:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3496
9
reference_url https://access.redhat.com/errata/RHSA-2020:3497
reference_id RHSA-2020:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3497
10
reference_url https://access.redhat.com/errata/RHSA-2020:3501
reference_id RHSA-2020:3501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3501
11
reference_url https://access.redhat.com/errata/RHSA-2020:3539
reference_id RHSA-2020:3539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3539
12
reference_url https://access.redhat.com/errata/RHSA-2020:4213
reference_id RHSA-2020:4213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4213
13
reference_url https://access.redhat.com/errata/RHSA-2020:4252
reference_id RHSA-2020:4252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4252
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@10.0.0
purl pkg:maven/org.keycloak/keycloak-core@10.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-3jtq-par5-tuax
2
vulnerability VCID-3mcs-n479-zydu
3
vulnerability VCID-7q52-ujxg-pyg4
4
vulnerability VCID-7xus-anmm-9ba3
5
vulnerability VCID-b99p-3rqx-v7b4
6
vulnerability VCID-bvmd-z1hf-5yef
7
vulnerability VCID-c2nr-hks8-4qg1
8
vulnerability VCID-cbrs-98sn-mqfq
9
vulnerability VCID-czc3-kxs3-yfdt
10
vulnerability VCID-db3z-zawx-kuc4
11
vulnerability VCID-ejyg-88gf-sfbh
12
vulnerability VCID-fmep-x7k1-37aj
13
vulnerability VCID-h6ky-xtx2-augv
14
vulnerability VCID-kdwj-wspq-1ket
15
vulnerability VCID-kyss-1ab7-77ef
16
vulnerability VCID-m7ec-ad95-87aa
17
vulnerability VCID-q1jj-f5rg-57b1
18
vulnerability VCID-qbxs-9gb1-dbe3
19
vulnerability VCID-sbyx-da8j-mqfx
20
vulnerability VCID-sg1r-gdub-fba1
21
vulnerability VCID-u9df-phf1-83gr
22
vulnerability VCID-utd3-fu1x-augq
23
vulnerability VCID-wfeg-6241-cucs
24
vulnerability VCID-yb4r-xbbq-47en
25
vulnerability VCID-ymg3-rjrx-pkan
26
vulnerability VCID-z5qm-jh27-skdr
27
vulnerability VCID-z5yv-y145-abeh
28
vulnerability VCID-z8cr-qt2v-rkgn
29
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@10.0.0
aliases CVE-2020-1728, GHSA-3gg7-9q2x-79fc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1twj-46mj-vbeg
2
url VCID-27n8-twqe-c7hg
vulnerability_id VCID-27n8-twqe-c7hg
summary Exposure of Sensitive Information to an Unauthorized Actor in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14820.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14820.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14820
reference_id
reference_type
scores
0
value 0.0031
scoring_system epss
scoring_elements 0.54742
published_at 2026-06-12T12:55:00Z
1
value 0.0031
scoring_system epss
scoring_elements 0.54617
published_at 2026-06-11T12:55:00Z
2
value 0.0031
scoring_system epss
scoring_elements 0.54743
published_at 2026-06-14T12:55:00Z
3
value 0.0031
scoring_system epss
scoring_elements 0.54759
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14820
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1649870
reference_id 1649870
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1649870
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14820
reference_id CVE-2019-14820
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14820
5
reference_url https://github.com/advisories/GHSA-xfqh-7356-vqjj
reference_id GHSA-xfqh-7356-vqjj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xfqh-7356-vqjj
6
reference_url https://access.redhat.com/errata/RHSA-2019:3044
reference_id RHSA-2019:3044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3044
7
reference_url https://access.redhat.com/errata/RHSA-2019:3045
reference_id RHSA-2019:3045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3045
8
reference_url https://access.redhat.com/errata/RHSA-2019:3046
reference_id RHSA-2019:3046
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3046
9
reference_url https://access.redhat.com/errata/RHSA-2019:3048
reference_id RHSA-2019:3048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3048
10
reference_url https://access.redhat.com/errata/RHSA-2019:3049
reference_id RHSA-2019:3049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3049
11
reference_url https://access.redhat.com/errata/RHSA-2019:3050
reference_id RHSA-2019:3050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3050
12
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@8.0.0
purl pkg:maven/org.keycloak/keycloak-core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-49ev-wsaa-4bbn
5
vulnerability VCID-551s-5jc8-x7g4
6
vulnerability VCID-7q52-ujxg-pyg4
7
vulnerability VCID-7xus-anmm-9ba3
8
vulnerability VCID-b99p-3rqx-v7b4
9
vulnerability VCID-bvmd-z1hf-5yef
10
vulnerability VCID-c2nr-hks8-4qg1
11
vulnerability VCID-cbrs-98sn-mqfq
12
vulnerability VCID-cxjv-a4yf-2bgs
13
vulnerability VCID-czc3-kxs3-yfdt
14
vulnerability VCID-ejyg-88gf-sfbh
15
vulnerability VCID-fmep-x7k1-37aj
16
vulnerability VCID-h6ky-xtx2-augv
17
vulnerability VCID-kdwj-wspq-1ket
18
vulnerability VCID-kyss-1ab7-77ef
19
vulnerability VCID-m7ec-ad95-87aa
20
vulnerability VCID-mb69-adq5-aqdy
21
vulnerability VCID-q1jj-f5rg-57b1
22
vulnerability VCID-qbxs-9gb1-dbe3
23
vulnerability VCID-sbyx-da8j-mqfx
24
vulnerability VCID-sg1r-gdub-fba1
25
vulnerability VCID-u9df-phf1-83gr
26
vulnerability VCID-utd3-fu1x-augq
27
vulnerability VCID-w5wa-m47v-7fhy
28
vulnerability VCID-wfeg-6241-cucs
29
vulnerability VCID-yb4r-xbbq-47en
30
vulnerability VCID-ymg3-rjrx-pkan
31
vulnerability VCID-z5qm-jh27-skdr
32
vulnerability VCID-z5yv-y145-abeh
33
vulnerability VCID-z8cr-qt2v-rkgn
34
vulnerability VCID-zha3-5yra-sfae
35
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0
aliases CVE-2019-14820, GHSA-xfqh-7356-vqjj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-27n8-twqe-c7hg
3
url VCID-3jtq-par5-tuax
vulnerability_id VCID-3jtq-par5-tuax
summary A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4028.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4028.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4028
reference_id
reference_type
scores
0
value 0.00204
scoring_system epss
scoring_elements 0.42754
published_at 2026-06-14T12:55:00Z
1
value 0.00204
scoring_system epss
scoring_elements 0.42583
published_at 2026-06-11T12:55:00Z
2
value 0.00204
scoring_system epss
scoring_elements 0.42745
published_at 2026-06-12T12:55:00Z
3
value 0.00204
scoring_system epss
scoring_elements 0.42764
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4028
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-4028
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-4028
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:
reference_id cpe:/a:redhat:build_keycloak:
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
6
reference_url https://access.redhat.com/security/cve/CVE-2024-4028
reference_id CVE-2024-4028
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T18:38:24Z/
url https://access.redhat.com/security/cve/CVE-2024-4028
7
reference_url https://github.com/advisories/GHSA-q4xq-445g-g6ch
reference_id GHSA-q4xq-445g-g6ch
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q4xq-445g-g6ch
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2276418
reference_id show_bug.cgi?id=2276418
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T18:38:24Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2276418
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@26.1.3
purl pkg:maven/org.keycloak/keycloak-core@26.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@26.1.3
aliases CVE-2024-4028, GHSA-q4xq-445g-g6ch
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3jtq-par5-tuax
4
url VCID-3mcs-n479-zydu
vulnerability_id VCID-3mcs-n479-zydu
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20202.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20202.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20202
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14509
published_at 2026-06-11T12:55:00Z
1
value 0.00046
scoring_system epss
scoring_elements 0.14626
published_at 2026-06-13T12:55:00Z
2
value 0.00046
scoring_system epss
scoring_elements 0.14601
published_at 2026-06-14T12:55:00Z
3
value 0.00046
scoring_system epss
scoring_elements 0.14627
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20202
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1922128
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1922128
3
reference_url https://issues.redhat.com/browse/KEYCLOAK-17000
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-17000
4
reference_url https://security.archlinux.org/ASA-202105-6
reference_id ASA-202105-6
reference_type
scores
url https://security.archlinux.org/ASA-202105-6
5
reference_url https://security.archlinux.org/AVG-1926
reference_id AVG-1926
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1926
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20202
reference_id CVE-2021-20202
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20202
7
reference_url https://github.com/advisories/GHSA-6xp6-fmc8-pmmr
reference_id GHSA-6xp6-fmc8-pmmr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6xp6-fmc8-pmmr
8
reference_url https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-7gf3-89f6-823j
reference_id GHSA-7gf3-89f6-823j
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-7gf3-89f6-823j
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@13.0.0
purl pkg:maven/org.keycloak/keycloak-core@13.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-z5yv-y145-abeh
17
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0
aliases CVE-2021-20202, GHSA-6xp6-fmc8-pmmr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3mcs-n479-zydu
5
url VCID-49ev-wsaa-4bbn
vulnerability_id VCID-49ev-wsaa-4bbn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1724.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1724.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1724
reference_id
reference_type
scores
0
value 0.00136
scoring_system epss
scoring_elements 0.33283
published_at 2026-06-11T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.33465
published_at 2026-06-12T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33485
published_at 2026-06-13T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.3346
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1724
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1724
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1724
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1724
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1724
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1800527
reference_id 1800527
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1800527
6
reference_url https://github.com/advisories/GHSA-8xj2-47xw-q78c
reference_id GHSA-8xj2-47xw-q78c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8xj2-47xw-q78c
7
reference_url https://access.redhat.com/errata/RHSA-2020:2106
reference_id RHSA-2020:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2106
8
reference_url https://access.redhat.com/errata/RHSA-2020:2107
reference_id RHSA-2020:2107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2107
9
reference_url https://access.redhat.com/errata/RHSA-2020:2108
reference_id RHSA-2020:2108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2108
10
reference_url https://access.redhat.com/errata/RHSA-2020:2112
reference_id RHSA-2020:2112
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2112
11
reference_url https://access.redhat.com/errata/RHSA-2020:2252
reference_id RHSA-2020:2252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2252
12
reference_url https://access.redhat.com/errata/RHSA-2020:2905
reference_id RHSA-2020:2905
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2905
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@9.0.2
purl pkg:maven/org.keycloak/keycloak-core@9.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-7q52-ujxg-pyg4
5
vulnerability VCID-7xus-anmm-9ba3
6
vulnerability VCID-b99p-3rqx-v7b4
7
vulnerability VCID-bvmd-z1hf-5yef
8
vulnerability VCID-c2nr-hks8-4qg1
9
vulnerability VCID-cbrs-98sn-mqfq
10
vulnerability VCID-czc3-kxs3-yfdt
11
vulnerability VCID-db3z-zawx-kuc4
12
vulnerability VCID-ejyg-88gf-sfbh
13
vulnerability VCID-fmep-x7k1-37aj
14
vulnerability VCID-h6ky-xtx2-augv
15
vulnerability VCID-kdwj-wspq-1ket
16
vulnerability VCID-kyss-1ab7-77ef
17
vulnerability VCID-m7ec-ad95-87aa
18
vulnerability VCID-q1jj-f5rg-57b1
19
vulnerability VCID-qbxs-9gb1-dbe3
20
vulnerability VCID-sbyx-da8j-mqfx
21
vulnerability VCID-sg1r-gdub-fba1
22
vulnerability VCID-u9df-phf1-83gr
23
vulnerability VCID-utd3-fu1x-augq
24
vulnerability VCID-wfeg-6241-cucs
25
vulnerability VCID-yb4r-xbbq-47en
26
vulnerability VCID-ymg3-rjrx-pkan
27
vulnerability VCID-z5qm-jh27-skdr
28
vulnerability VCID-z5yv-y145-abeh
29
vulnerability VCID-z8cr-qt2v-rkgn
30
vulnerability VCID-zha3-5yra-sfae
31
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.2
aliases CVE-2020-1724, GHSA-8xj2-47xw-q78c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-49ev-wsaa-4bbn
6
url VCID-551s-5jc8-x7g4
vulnerability_id VCID-551s-5jc8-x7g4
summary XSS in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1697.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1697
reference_id
reference_type
scores
0
value 0.00283
scoring_system epss
scoring_elements 0.52153
published_at 2026-06-12T12:55:00Z
1
value 0.00283
scoring_system epss
scoring_elements 0.52023
published_at 2026-06-11T12:55:00Z
2
value 0.00283
scoring_system epss
scoring_elements 0.52147
published_at 2026-06-14T12:55:00Z
3
value 0.00283
scoring_system epss
scoring_elements 0.52165
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1697
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1697
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1697
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1791538
reference_id 1791538
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1791538
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1697
reference_id CVE-2020-1697
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1697
5
reference_url https://github.com/advisories/GHSA-8vf3-4w62-m3pq
reference_id GHSA-8vf3-4w62-m3pq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8vf3-4w62-m3pq
6
reference_url https://access.redhat.com/errata/RHSA-2020:2252
reference_id RHSA-2020:2252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2252
7
reference_url https://access.redhat.com/errata/RHSA-2020:2905
reference_id RHSA-2020:2905
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2905
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@9.0.0
purl pkg:maven/org.keycloak/keycloak-core@9.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-49ev-wsaa-4bbn
5
vulnerability VCID-7q52-ujxg-pyg4
6
vulnerability VCID-7xus-anmm-9ba3
7
vulnerability VCID-b99p-3rqx-v7b4
8
vulnerability VCID-bvmd-z1hf-5yef
9
vulnerability VCID-c2nr-hks8-4qg1
10
vulnerability VCID-cbrs-98sn-mqfq
11
vulnerability VCID-czc3-kxs3-yfdt
12
vulnerability VCID-db3z-zawx-kuc4
13
vulnerability VCID-ejyg-88gf-sfbh
14
vulnerability VCID-fmep-x7k1-37aj
15
vulnerability VCID-h6ky-xtx2-augv
16
vulnerability VCID-kdwj-wspq-1ket
17
vulnerability VCID-kyss-1ab7-77ef
18
vulnerability VCID-m7ec-ad95-87aa
19
vulnerability VCID-q1jj-f5rg-57b1
20
vulnerability VCID-qbxs-9gb1-dbe3
21
vulnerability VCID-sbyx-da8j-mqfx
22
vulnerability VCID-sg1r-gdub-fba1
23
vulnerability VCID-u9df-phf1-83gr
24
vulnerability VCID-utd3-fu1x-augq
25
vulnerability VCID-w5wa-m47v-7fhy
26
vulnerability VCID-wfeg-6241-cucs
27
vulnerability VCID-yb4r-xbbq-47en
28
vulnerability VCID-ymg3-rjrx-pkan
29
vulnerability VCID-z5qm-jh27-skdr
30
vulnerability VCID-z5yv-y145-abeh
31
vulnerability VCID-z8cr-qt2v-rkgn
32
vulnerability VCID-zha3-5yra-sfae
33
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.0
aliases CVE-2020-1697, GHSA-8vf3-4w62-m3pq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-551s-5jc8-x7g4
7
url VCID-6kkn-nm8v-u3a4
vulnerability_id VCID-6kkn-nm8v-u3a4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10170.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10170.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10170
reference_id
reference_type
scores
0
value 0.00742
scoring_system epss
scoring_elements 0.73433
published_at 2026-06-11T12:55:00Z
1
value 0.00742
scoring_system epss
scoring_elements 0.73507
published_at 2026-06-12T12:55:00Z
2
value 0.00742
scoring_system epss
scoring_elements 0.73522
published_at 2026-06-13T12:55:00Z
3
value 0.00742
scoring_system epss
scoring_elements 0.7352
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10170
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10170
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10170
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10170
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10170
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1721295
reference_id 1721295
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1721295
6
reference_url https://github.com/advisories/GHSA-7m27-3587-83xf
reference_id GHSA-7m27-3587-83xf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7m27-3587-83xf
7
reference_url https://access.redhat.com/errata/RHSA-2019:3050
reference_id RHSA-2019:3050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3050
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@8.0.0
purl pkg:maven/org.keycloak/keycloak-core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-49ev-wsaa-4bbn
5
vulnerability VCID-551s-5jc8-x7g4
6
vulnerability VCID-7q52-ujxg-pyg4
7
vulnerability VCID-7xus-anmm-9ba3
8
vulnerability VCID-b99p-3rqx-v7b4
9
vulnerability VCID-bvmd-z1hf-5yef
10
vulnerability VCID-c2nr-hks8-4qg1
11
vulnerability VCID-cbrs-98sn-mqfq
12
vulnerability VCID-cxjv-a4yf-2bgs
13
vulnerability VCID-czc3-kxs3-yfdt
14
vulnerability VCID-ejyg-88gf-sfbh
15
vulnerability VCID-fmep-x7k1-37aj
16
vulnerability VCID-h6ky-xtx2-augv
17
vulnerability VCID-kdwj-wspq-1ket
18
vulnerability VCID-kyss-1ab7-77ef
19
vulnerability VCID-m7ec-ad95-87aa
20
vulnerability VCID-mb69-adq5-aqdy
21
vulnerability VCID-q1jj-f5rg-57b1
22
vulnerability VCID-qbxs-9gb1-dbe3
23
vulnerability VCID-sbyx-da8j-mqfx
24
vulnerability VCID-sg1r-gdub-fba1
25
vulnerability VCID-u9df-phf1-83gr
26
vulnerability VCID-utd3-fu1x-augq
27
vulnerability VCID-w5wa-m47v-7fhy
28
vulnerability VCID-wfeg-6241-cucs
29
vulnerability VCID-yb4r-xbbq-47en
30
vulnerability VCID-ymg3-rjrx-pkan
31
vulnerability VCID-z5qm-jh27-skdr
32
vulnerability VCID-z5yv-y145-abeh
33
vulnerability VCID-z8cr-qt2v-rkgn
34
vulnerability VCID-zha3-5yra-sfae
35
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0
aliases CVE-2019-10170, GHSA-7m27-3587-83xf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kkn-nm8v-u3a4
8
url VCID-7q52-ujxg-pyg4
vulnerability_id VCID-7q52-ujxg-pyg4
summary privilege escalation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27826
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37409
published_at 2026-06-11T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37586
published_at 2026-06-12T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37598
published_at 2026-06-14T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.37611
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27826
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1905089
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1905089
3
reference_url https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72
4
reference_url https://security.archlinux.org/AVG-1373
reference_id AVG-1373
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1373
5
reference_url https://access.redhat.com/security/cve/cve-2020-27826
reference_id CVE-2020-27826
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2020-27826
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-27826
reference_id CVE-2020-27826
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-27826
7
reference_url https://github.com/advisories/GHSA-m9cj-v55f-8x26
reference_id GHSA-m9cj-v55f-8x26
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m9cj-v55f-8x26
8
reference_url https://access.redhat.com/errata/RHSA-2020:5526
reference_id RHSA-2020:5526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5526
9
reference_url https://access.redhat.com/errata/RHSA-2020:5527
reference_id RHSA-2020:5527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5527
10
reference_url https://access.redhat.com/errata/RHSA-2020:5528
reference_id RHSA-2020:5528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5528
11
reference_url https://access.redhat.com/errata/RHSA-2020:5533
reference_id RHSA-2020:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5533
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@12.0.0
purl pkg:maven/org.keycloak/keycloak-core@12.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-3mcs-n479-zydu
2
vulnerability VCID-7xus-anmm-9ba3
3
vulnerability VCID-b99p-3rqx-v7b4
4
vulnerability VCID-bvmd-z1hf-5yef
5
vulnerability VCID-c2nr-hks8-4qg1
6
vulnerability VCID-cbrs-98sn-mqfq
7
vulnerability VCID-czc3-kxs3-yfdt
8
vulnerability VCID-db3z-zawx-kuc4
9
vulnerability VCID-ejyg-88gf-sfbh
10
vulnerability VCID-fmep-x7k1-37aj
11
vulnerability VCID-gxku-5esb-1qct
12
vulnerability VCID-kdwj-wspq-1ket
13
vulnerability VCID-kyss-1ab7-77ef
14
vulnerability VCID-m7ec-ad95-87aa
15
vulnerability VCID-q1jj-f5rg-57b1
16
vulnerability VCID-qbxs-9gb1-dbe3
17
vulnerability VCID-sg1r-gdub-fba1
18
vulnerability VCID-u9df-phf1-83gr
19
vulnerability VCID-utd3-fu1x-augq
20
vulnerability VCID-wfeg-6241-cucs
21
vulnerability VCID-yb4r-xbbq-47en
22
vulnerability VCID-ymg3-rjrx-pkan
23
vulnerability VCID-z5qm-jh27-skdr
24
vulnerability VCID-z5yv-y145-abeh
25
vulnerability VCID-z8cr-qt2v-rkgn
26
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.0
aliases CVE-2020-27826, GHSA-m9cj-v55f-8x26
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7q52-ujxg-pyg4
9
url VCID-7tca-nfme-37ek
vulnerability_id VCID-7tca-nfme-37ek
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14637.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14637.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14637
reference_id
reference_type
scores
0
value 0.00301
scoring_system epss
scoring_elements 0.53919
published_at 2026-06-12T12:55:00Z
1
value 0.00301
scoring_system epss
scoring_elements 0.53793
published_at 2026-06-11T12:55:00Z
2
value 0.00301
scoring_system epss
scoring_elements 0.53923
published_at 2026-06-14T12:55:00Z
3
value 0.00301
scoring_system epss
scoring_elements 0.53936
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14637
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637
3
reference_url https://github.com/keycloak/keycloak/commit/0fe0b875d63cce3d2855d85d25bb8757bce13eb1
reference_id
reference_type
scores
url https://github.com/keycloak/keycloak/commit/0fe0b875d63cce3d2855d85d25bb8757bce13eb1
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1627851
reference_id 1627851
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1627851
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14637
reference_id CVE-2018-14637
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14637
6
reference_url https://github.com/advisories/GHSA-gf2j-7qwg-4f5x
reference_id GHSA-gf2j-7qwg-4f5x
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gf2j-7qwg-4f5x
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@4.6.0.Final
purl pkg:maven/org.keycloak/keycloak-core@4.6.0.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7xus-anmm-9ba3
10
vulnerability VCID-b99p-3rqx-v7b4
11
vulnerability VCID-bvmd-z1hf-5yef
12
vulnerability VCID-c2nr-hks8-4qg1
13
vulnerability VCID-cbrs-98sn-mqfq
14
vulnerability VCID-cxjv-a4yf-2bgs
15
vulnerability VCID-czc3-kxs3-yfdt
16
vulnerability VCID-ejyg-88gf-sfbh
17
vulnerability VCID-fmep-x7k1-37aj
18
vulnerability VCID-h6ky-xtx2-augv
19
vulnerability VCID-hvwy-pv1y-sqeg
20
vulnerability VCID-kdwj-wspq-1ket
21
vulnerability VCID-kyss-1ab7-77ef
22
vulnerability VCID-m7ec-ad95-87aa
23
vulnerability VCID-mb69-adq5-aqdy
24
vulnerability VCID-q1jj-f5rg-57b1
25
vulnerability VCID-qbxs-9gb1-dbe3
26
vulnerability VCID-qwr8-j8k6-fqew
27
vulnerability VCID-sbyx-da8j-mqfx
28
vulnerability VCID-sg1r-gdub-fba1
29
vulnerability VCID-t4zx-ktg9-zue4
30
vulnerability VCID-u9df-phf1-83gr
31
vulnerability VCID-utd3-fu1x-augq
32
vulnerability VCID-w5wa-m47v-7fhy
33
vulnerability VCID-wfeg-6241-cucs
34
vulnerability VCID-x6m8-gkbc-4kec
35
vulnerability VCID-x77r-6nax-tqg6
36
vulnerability VCID-xf39-m1jv-zbfj
37
vulnerability VCID-yb4r-xbbq-47en
38
vulnerability VCID-ymg3-rjrx-pkan
39
vulnerability VCID-z5qm-jh27-skdr
40
vulnerability VCID-z5yv-y145-abeh
41
vulnerability VCID-z8cr-qt2v-rkgn
42
vulnerability VCID-zha3-5yra-sfae
43
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.6.0.Final
1
url pkg:maven/org.keycloak/keycloak-core@4.6.0
purl pkg:maven/org.keycloak/keycloak-core@4.6.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.6.0
aliases CVE-2018-14637, GHSA-gf2j-7qwg-4f5x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7tca-nfme-37ek
10
url VCID-7xus-anmm-9ba3
vulnerability_id VCID-7xus-anmm-9ba3
summary cross-site request forgery
references
0
reference_url http://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10770.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10770.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10770
reference_id
reference_type
scores
0
value 0.92282
scoring_system epss
scoring_elements 0.99736
published_at 2026-06-12T12:55:00Z
1
value 0.92282
scoring_system epss
scoring_elements 0.99735
published_at 2026-06-11T12:55:00Z
2
value 0.92282
scoring_system epss
scoring_elements 0.99737
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10770
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1846270
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1846270
4
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
5
reference_url https://github.com/keycloak/keycloak/commit/55a064a978b0b7e0f0b93c33931f7dabe7d0d5e2
reference_id
reference_type
scores
url https://github.com/keycloak/keycloak/commit/55a064a978b0b7e0f0b93c33931f7dabe7d0d5e2
6
reference_url https://github.com/keycloak/keycloak-documentation/pull/1086
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak-documentation/pull/1086
7
reference_url https://github.com/keycloak/keycloak/pull/7714
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/7714
8
reference_url https://issues.redhat.com/browse/KEYCLOAK-14019
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-14019
9
reference_url https://issues.redhat.com/browse/KEYCLOAK-3426
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-3426
10
reference_url https://security.archlinux.org/AVG-1577
reference_id AVG-1577
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1577
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/50405.py
reference_id CVE-2020-10770
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/50405.py
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10770
reference_id CVE-2020-10770
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10770
13
reference_url https://github.com/advisories/GHSA-jh7q-5mwf-qvhw
reference_id GHSA-jh7q-5mwf-qvhw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jh7q-5mwf-qvhw
14
reference_url https://access.redhat.com/errata/RHSA-2021:0318
reference_id RHSA-2021:0318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0318
15
reference_url https://access.redhat.com/errata/RHSA-2021:0319
reference_id RHSA-2021:0319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0319
16
reference_url https://access.redhat.com/errata/RHSA-2021:0320
reference_id RHSA-2021:0320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0320
17
reference_url https://access.redhat.com/errata/RHSA-2021:0327
reference_id RHSA-2021:0327
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0327
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@12.0.2
purl pkg:maven/org.keycloak/keycloak-core@12.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-3mcs-n479-zydu
2
vulnerability VCID-b99p-3rqx-v7b4
3
vulnerability VCID-bvmd-z1hf-5yef
4
vulnerability VCID-c2nr-hks8-4qg1
5
vulnerability VCID-cbrs-98sn-mqfq
6
vulnerability VCID-czc3-kxs3-yfdt
7
vulnerability VCID-db3z-zawx-kuc4
8
vulnerability VCID-ejyg-88gf-sfbh
9
vulnerability VCID-fmep-x7k1-37aj
10
vulnerability VCID-kdwj-wspq-1ket
11
vulnerability VCID-kyss-1ab7-77ef
12
vulnerability VCID-m7ec-ad95-87aa
13
vulnerability VCID-q1jj-f5rg-57b1
14
vulnerability VCID-qbxs-9gb1-dbe3
15
vulnerability VCID-sg1r-gdub-fba1
16
vulnerability VCID-u9df-phf1-83gr
17
vulnerability VCID-utd3-fu1x-augq
18
vulnerability VCID-wfeg-6241-cucs
19
vulnerability VCID-yb4r-xbbq-47en
20
vulnerability VCID-ymg3-rjrx-pkan
21
vulnerability VCID-z5qm-jh27-skdr
22
vulnerability VCID-z5yv-y145-abeh
23
vulnerability VCID-z8cr-qt2v-rkgn
24
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.2
1
url pkg:maven/org.keycloak/keycloak-core@13.0.0
purl pkg:maven/org.keycloak/keycloak-core@13.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-z5yv-y145-abeh
17
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0
aliases CVE-2020-10770, GHSA-jh7q-5mwf-qvhw
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xus-anmm-9ba3
11
url VCID-b99p-3rqx-v7b4
vulnerability_id VCID-b99p-3rqx-v7b4
summary keycloak-core: mTLS passthrough
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10039.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10039.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-10039
reference_id
reference_type
scores
0
value 0.00101
scoring_system epss
scoring_elements 0.27588
published_at 2026-06-14T12:55:00Z
1
value 0.00101
scoring_system epss
scoring_elements 0.27578
published_at 2026-06-12T12:55:00Z
2
value 0.00101
scoring_system epss
scoring_elements 0.27603
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-10039
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://github.com/keycloak/keycloak/issues/35217
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/issues/35217
4
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-93ww-43rr-79v3
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-93ww-43rr-79v3
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2319217
reference_id 2319217
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2319217
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-10039
reference_id CVE-2024-10039
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-10039
7
reference_url https://github.com/advisories/GHSA-93ww-43rr-79v3
reference_id GHSA-93ww-43rr-79v3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-93ww-43rr-79v3
8
reference_url https://access.redhat.com/errata/RHSA-2024:10175
reference_id RHSA-2024:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10175
9
reference_url https://access.redhat.com/errata/RHSA-2024:10176
reference_id RHSA-2024:10176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10176
10
reference_url https://access.redhat.com/errata/RHSA-2024:10177
reference_id RHSA-2024:10177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10177
11
reference_url https://access.redhat.com/errata/RHSA-2024:10178
reference_id RHSA-2024:10178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10178
12
reference_url https://access.redhat.com/errata/RHSA-2025:11645
reference_id RHSA-2025:11645
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11645
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@26.0.6
purl pkg:maven/org.keycloak/keycloak-core@26.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@26.0.6
aliases CVE-2024-10039, GHSA-93ww-43rr-79v3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b99p-3rqx-v7b4
12
url VCID-bvmd-z1hf-5yef
vulnerability_id VCID-bvmd-z1hf-5yef
summary Duplicate Advisory: Keycloak Uses a Key Past its Expiration Date
references
0
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
1
reference_url https://access.redhat.com/security/cve/CVE-2024-7318
reference_id CVE-2024-7318
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2024-7318
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-7318
reference_id CVE-2024-7318
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-7318
3
reference_url https://github.com/advisories/GHSA-57rh-gr4v-j5f6
reference_id GHSA-57rh-gr4v-j5f6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-57rh-gr4v-j5f6
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@24.0.7
purl pkg:maven/org.keycloak/keycloak-core@24.0.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@24.0.7
1
url pkg:maven/org.keycloak/keycloak-core@25.0.0
purl pkg:maven/org.keycloak/keycloak-core@25.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-sg1r-gdub-fba1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@25.0.0
aliases GHSA-57rh-gr4v-j5f6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvmd-z1hf-5yef
13
url VCID-c2nr-hks8-4qg1
vulnerability_id VCID-c2nr-hks8-4qg1
summary A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3916
reference_id
reference_type
scores
0
value 0.00226
scoring_system epss
scoring_elements 0.45709
published_at 2026-06-14T12:55:00Z
1
value 0.00226
scoring_system epss
scoring_elements 0.45567
published_at 2026-06-11T12:55:00Z
2
value 0.00226
scoring_system epss
scoring_elements 0.45714
published_at 2026-06-12T12:55:00Z
3
value 0.00226
scoring_system epss
scoring_elements 0.45723
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3916
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3916
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3916
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
11
reference_url https://access.redhat.com/security/cve/CVE-2022-3916
reference_id CVE-2022-3916
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/security/cve/CVE-2022-3916
12
reference_url https://github.com/advisories/GHSA-97g8-xfvw-q4hg
reference_id GHSA-97g8-xfvw-q4hg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-97g8-xfvw-q4hg
13
reference_url https://access.redhat.com/errata/RHSA-2022:8961
reference_id RHSA-2022:8961
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8961
14
reference_url https://access.redhat.com/errata/RHSA-2022:8962
reference_id RHSA-2022:8962
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8962
15
reference_url https://access.redhat.com/errata/RHSA-2022:8963
reference_id RHSA-2022:8963
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8963
16
reference_url https://access.redhat.com/errata/RHSA-2022:8964
reference_id RHSA-2022:8964
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8964
17
reference_url https://access.redhat.com/errata/RHSA-2022:8965
reference_id RHSA-2022:8965
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8965
18
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id RHSA-2023:1043
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1043
19
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id RHSA-2023:1044
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1044
20
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id RHSA-2023:1045
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1045
21
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id RHSA-2023:1047
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1047
22
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id RHSA-2023:1049
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1049
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141404
reference_id show_bug.cgi?id=2141404
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2141404
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@20.0.2
purl pkg:maven/org.keycloak/keycloak-core@20.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-ejyg-88gf-sfbh
4
vulnerability VCID-m7ec-ad95-87aa
5
vulnerability VCID-sg1r-gdub-fba1
6
vulnerability VCID-srz9-395b-tkhj
7
vulnerability VCID-utd3-fu1x-augq
8
vulnerability VCID-wfeg-6241-cucs
9
vulnerability VCID-yb4r-xbbq-47en
10
vulnerability VCID-z5qm-jh27-skdr
11
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@20.0.2
aliases CVE-2022-3916, GHSA-97g8-xfvw-q4hg, GMS-2022-8406
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2nr-hks8-4qg1
14
url VCID-cbrs-98sn-mqfq
vulnerability_id VCID-cbrs-98sn-mqfq
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1725.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1725.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1725
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.29954
published_at 2026-06-12T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.29953
published_at 2026-06-14T12:55:00Z
2
value 0.00115
scoring_system epss
scoring_elements 0.29757
published_at 2026-06-11T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.2997
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1725
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1765129
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1765129
3
reference_url https://issues.redhat.com/browse/KEYCLOAK-16550
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-16550
4
reference_url https://security.archlinux.org/AVG-1332
reference_id AVG-1332
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1332
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1725
reference_id CVE-2020-1725
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1725
6
reference_url https://github.com/advisories/GHSA-p225-pc2x-4jpm
reference_id GHSA-p225-pc2x-4jpm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p225-pc2x-4jpm
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@13.0.0
purl pkg:maven/org.keycloak/keycloak-core@13.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-z5yv-y145-abeh
17
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0
aliases CVE-2020-1725, GHSA-p225-pc2x-4jpm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbrs-98sn-mqfq
15
url VCID-chvn-6m15-mkgp
vulnerability_id VCID-chvn-6m15-mkgp
summary Improper Authentication in org.keycloak:keycloak-core
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8609.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8609.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8609
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35384
published_at 2026-06-12T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35207
published_at 2026-06-11T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35387
published_at 2026-06-14T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35408
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8609
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1386729
reference_id 1386729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1386729
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8609
reference_id CVE-2016-8609
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-8609
4
reference_url https://github.com/advisories/GHSA-95m6-mjh3-58gm
reference_id GHSA-95m6-mjh3-58gm
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-95m6-mjh3-58gm
5
reference_url https://access.redhat.com/errata/RHSA-2016:2945
reference_id RHSA-2016:2945
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2945
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@2.3.0
purl pkg:maven/org.keycloak/keycloak-core@2.3.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.3.0
1
url pkg:maven/org.keycloak/keycloak-core@2.3.0.Final
purl pkg:maven/org.keycloak/keycloak-core@2.3.0.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-f84p-b838-8qge
19
vulnerability VCID-fmep-x7k1-37aj
20
vulnerability VCID-h6ky-xtx2-augv
21
vulnerability VCID-hvwy-pv1y-sqeg
22
vulnerability VCID-k78b-wwvc-e3as
23
vulnerability VCID-kdwj-wspq-1ket
24
vulnerability VCID-kyss-1ab7-77ef
25
vulnerability VCID-m7ec-ad95-87aa
26
vulnerability VCID-mb69-adq5-aqdy
27
vulnerability VCID-q1jj-f5rg-57b1
28
vulnerability VCID-qbxs-9gb1-dbe3
29
vulnerability VCID-qwr8-j8k6-fqew
30
vulnerability VCID-rbre-2rk4-e3gr
31
vulnerability VCID-s5ns-5gk7-b3b3
32
vulnerability VCID-sbyx-da8j-mqfx
33
vulnerability VCID-sg1r-gdub-fba1
34
vulnerability VCID-t4zx-ktg9-zue4
35
vulnerability VCID-tzwz-7xr4-qud3
36
vulnerability VCID-u3st-6pct-kkfy
37
vulnerability VCID-u9df-phf1-83gr
38
vulnerability VCID-ubx3-wzt9-p3fc
39
vulnerability VCID-utd3-fu1x-augq
40
vulnerability VCID-w5wa-m47v-7fhy
41
vulnerability VCID-wfeg-6241-cucs
42
vulnerability VCID-wg5v-btsv-2fcz
43
vulnerability VCID-x6m8-gkbc-4kec
44
vulnerability VCID-x77r-6nax-tqg6
45
vulnerability VCID-xf39-m1jv-zbfj
46
vulnerability VCID-yb4r-xbbq-47en
47
vulnerability VCID-ymg3-rjrx-pkan
48
vulnerability VCID-z5qm-jh27-skdr
49
vulnerability VCID-z5yv-y145-abeh
50
vulnerability VCID-z8cr-qt2v-rkgn
51
vulnerability VCID-zha3-5yra-sfae
52
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.3.0.Final
aliases CVE-2016-8609, GHSA-95m6-mjh3-58gm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chvn-6m15-mkgp
16
url VCID-cxjv-a4yf-2bgs
vulnerability_id VCID-cxjv-a4yf-2bgs
summary Predictable password in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1731.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1731.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1731
reference_id
reference_type
scores
0
value 0.00389
scoring_system epss
scoring_elements 0.60507
published_at 2026-06-12T12:55:00Z
1
value 0.00389
scoring_system epss
scoring_elements 0.60401
published_at 2026-06-11T12:55:00Z
2
value 0.00389
scoring_system epss
scoring_elements 0.60511
published_at 2026-06-14T12:55:00Z
3
value 0.00389
scoring_system epss
scoring_elements 0.60518
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1731
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1731
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1731
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1801713
reference_id 1801713
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1801713
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1731
reference_id CVE-2020-1731
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1731
5
reference_url https://github.com/advisories/GHSA-6pmv-7pr9-cgrj
reference_id GHSA-6pmv-7pr9-cgrj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6pmv-7pr9-cgrj
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@8.0.2
purl pkg:maven/org.keycloak/keycloak-core@8.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-49ev-wsaa-4bbn
5
vulnerability VCID-551s-5jc8-x7g4
6
vulnerability VCID-7q52-ujxg-pyg4
7
vulnerability VCID-7xus-anmm-9ba3
8
vulnerability VCID-b99p-3rqx-v7b4
9
vulnerability VCID-bvmd-z1hf-5yef
10
vulnerability VCID-c2nr-hks8-4qg1
11
vulnerability VCID-cbrs-98sn-mqfq
12
vulnerability VCID-czc3-kxs3-yfdt
13
vulnerability VCID-ejyg-88gf-sfbh
14
vulnerability VCID-fmep-x7k1-37aj
15
vulnerability VCID-h6ky-xtx2-augv
16
vulnerability VCID-kdwj-wspq-1ket
17
vulnerability VCID-kyss-1ab7-77ef
18
vulnerability VCID-m7ec-ad95-87aa
19
vulnerability VCID-mb69-adq5-aqdy
20
vulnerability VCID-q1jj-f5rg-57b1
21
vulnerability VCID-qbxs-9gb1-dbe3
22
vulnerability VCID-sbyx-da8j-mqfx
23
vulnerability VCID-sg1r-gdub-fba1
24
vulnerability VCID-u9df-phf1-83gr
25
vulnerability VCID-utd3-fu1x-augq
26
vulnerability VCID-w5wa-m47v-7fhy
27
vulnerability VCID-wfeg-6241-cucs
28
vulnerability VCID-yb4r-xbbq-47en
29
vulnerability VCID-ymg3-rjrx-pkan
30
vulnerability VCID-z5qm-jh27-skdr
31
vulnerability VCID-z5yv-y145-abeh
32
vulnerability VCID-z8cr-qt2v-rkgn
33
vulnerability VCID-zha3-5yra-sfae
34
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.2
aliases CVE-2020-1731, GHSA-6pmv-7pr9-cgrj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cxjv-a4yf-2bgs
17
url VCID-czc3-kxs3-yfdt
vulnerability_id VCID-czc3-kxs3-yfdt
summary Keycloak XSS via use of malicious payload as group name when creating new group from admin console
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0225.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0225
reference_id
reference_type
scores
0
value 0.0051
scoring_system epss
scoring_elements 0.6682
published_at 2026-06-11T12:55:00Z
1
value 0.0051
scoring_system epss
scoring_elements 0.66927
published_at 2026-06-14T12:55:00Z
2
value 0.0051
scoring_system epss
scoring_elements 0.66913
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0225
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040268
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2040268
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0225
reference_id CVE-2022-0225
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0225
5
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m
reference_id GHSA-755v-r4x4-qf7m
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m
6
reference_url https://github.com/advisories/GHSA-fqc7-5xxc-ph7r
reference_id GHSA-fqc7-5xxc-ph7r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fqc7-5xxc-ph7r
7
reference_url https://access.redhat.com/errata/RHSA-2022:6782
reference_id RHSA-2022:6782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6782
8
reference_url https://access.redhat.com/errata/RHSA-2022:6783
reference_id RHSA-2022:6783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6783
9
reference_url https://access.redhat.com/errata/RHSA-2022:6787
reference_id RHSA-2022:6787
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6787
10
reference_url https://access.redhat.com/errata/RHSA-2022:7409
reference_id RHSA-2022:7409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7409
11
reference_url https://access.redhat.com/errata/RHSA-2022:7410
reference_id RHSA-2022:7410
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7410
12
reference_url https://access.redhat.com/errata/RHSA-2022:7411
reference_id RHSA-2022:7411
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7411
13
reference_url https://access.redhat.com/errata/RHSA-2022:7417
reference_id RHSA-2022:7417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7417
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@16.1.1
purl pkg:maven/org.keycloak/keycloak-core@16.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-ejyg-88gf-sfbh
5
vulnerability VCID-m7ec-ad95-87aa
6
vulnerability VCID-pvrr-mmx8-4kg6
7
vulnerability VCID-q1jj-f5rg-57b1
8
vulnerability VCID-sg1r-gdub-fba1
9
vulnerability VCID-utd3-fu1x-augq
10
vulnerability VCID-wfeg-6241-cucs
11
vulnerability VCID-yb4r-xbbq-47en
12
vulnerability VCID-ymg3-rjrx-pkan
13
vulnerability VCID-z5qm-jh27-skdr
14
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@16.1.1
aliases CVE-2022-0225, GHSA-fqc7-5xxc-ph7r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-czc3-kxs3-yfdt
18
url VCID-ejyg-88gf-sfbh
vulnerability_id VCID-ejyg-88gf-sfbh
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1274.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1274.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1274
reference_id
reference_type
scores
0
value 0.00993
scoring_system epss
scoring_elements 0.77334
published_at 2026-06-11T12:55:00Z
1
value 0.00993
scoring_system epss
scoring_elements 0.77404
published_at 2026-06-12T12:55:00Z
2
value 0.00993
scoring_system epss
scoring_elements 0.7742
published_at 2026-06-13T12:55:00Z
3
value 0.00993
scoring_system epss
scoring_elements 0.77411
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1274
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://github.com/keycloak/keycloak/commit/fc3c61235fa30132123c17ed8702ff7b3a672fe9
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/fc3c61235fa30132123c17ed8702ff7b3a672fe9
4
reference_url https://github.com/keycloak/keycloak/pull/16764
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/16764
5
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725
6
reference_url https://herolab.usd.de/security-advisories/usd-2021-0033
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://herolab.usd.de/security-advisories/usd-2021-0033
7
reference_url https://herolab.usd.de/security-advisories/usd-2021-0033/
reference_id
reference_type
scores
url https://herolab.usd.de/security-advisories/usd-2021-0033/
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1274
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-1274
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2073157
reference_id 2073157
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2073157
10
reference_url https://github.com/advisories/GHSA-m4fv-gm5m-4725
reference_id GHSA-m4fv-gm5m-4725
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m4fv-gm5m-4725
11
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id RHSA-2023:1043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1043
12
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id RHSA-2023:1044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1044
13
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id RHSA-2023:1045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1045
14
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id RHSA-2023:1047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1047
15
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id RHSA-2023:1049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1049
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@20.0.5
purl pkg:maven/org.keycloak/keycloak-core@20.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-m7ec-ad95-87aa
4
vulnerability VCID-sg1r-gdub-fba1
5
vulnerability VCID-utd3-fu1x-augq
6
vulnerability VCID-wfeg-6241-cucs
7
vulnerability VCID-yb4r-xbbq-47en
8
vulnerability VCID-z5qm-jh27-skdr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@20.0.5
aliases CVE-2022-1274, GHSA-m4fv-gm5m-4725, GMS-2023-528
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejyg-88gf-sfbh
19
url VCID-f84p-b838-8qge
vulnerability_id VCID-f84p-b838-8qge
summary
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:3592
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3592
1
reference_url https://access.redhat.com/errata/RHSA-2018:3593
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3593
2
reference_url https://access.redhat.com/errata/RHSA-2018:3595
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3595
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14658.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14658.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14658
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47459
published_at 2026-06-14T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47321
published_at 2026-06-11T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47462
published_at 2026-06-12T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47477
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14658
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14658
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14658
6
reference_url https://github.com/keycloak/keycloak/commit/a957e118e6efb35fe7ef3a62acd66341a6523cb7
reference_id
reference_type
scores
url https://github.com/keycloak/keycloak/commit/a957e118e6efb35fe7ef3a62acd66341a6523cb7
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1625409
reference_id 1625409
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1625409
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14658
reference_id CVE-2018-14658
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14658
9
reference_url https://github.com/advisories/GHSA-3qh2-mccc-q5m6
reference_id GHSA-3qh2-mccc-q5m6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3qh2-mccc-q5m6
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@3.3.0.CR1
purl pkg:maven/org.keycloak/keycloak-core@3.3.0.CR1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-fmep-x7k1-37aj
19
vulnerability VCID-h6ky-xtx2-augv
20
vulnerability VCID-hvwy-pv1y-sqeg
21
vulnerability VCID-k78b-wwvc-e3as
22
vulnerability VCID-kdwj-wspq-1ket
23
vulnerability VCID-kyss-1ab7-77ef
24
vulnerability VCID-m7ec-ad95-87aa
25
vulnerability VCID-mb69-adq5-aqdy
26
vulnerability VCID-q1jj-f5rg-57b1
27
vulnerability VCID-qbxs-9gb1-dbe3
28
vulnerability VCID-qwr8-j8k6-fqew
29
vulnerability VCID-rbre-2rk4-e3gr
30
vulnerability VCID-sbyx-da8j-mqfx
31
vulnerability VCID-sg1r-gdub-fba1
32
vulnerability VCID-t4zx-ktg9-zue4
33
vulnerability VCID-u9df-phf1-83gr
34
vulnerability VCID-ubx3-wzt9-p3fc
35
vulnerability VCID-utd3-fu1x-augq
36
vulnerability VCID-w5wa-m47v-7fhy
37
vulnerability VCID-wfeg-6241-cucs
38
vulnerability VCID-x6m8-gkbc-4kec
39
vulnerability VCID-x77r-6nax-tqg6
40
vulnerability VCID-xf39-m1jv-zbfj
41
vulnerability VCID-yb4r-xbbq-47en
42
vulnerability VCID-ymg3-rjrx-pkan
43
vulnerability VCID-z5qm-jh27-skdr
44
vulnerability VCID-z5yv-y145-abeh
45
vulnerability VCID-z8cr-qt2v-rkgn
46
vulnerability VCID-zha3-5yra-sfae
47
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.3.0.CR1
aliases CVE-2018-14658, GHSA-3qh2-mccc-q5m6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f84p-b838-8qge
20
url VCID-fmep-x7k1-37aj
vulnerability_id VCID-fmep-x7k1-37aj
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14302.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14302
reference_id
reference_type
scores
0
value 0.00154
scoring_system epss
scoring_elements 0.35912
published_at 2026-06-11T12:55:00Z
1
value 0.00154
scoring_system epss
scoring_elements 0.36091
published_at 2026-06-12T12:55:00Z
2
value 0.00154
scoring_system epss
scoring_elements 0.36115
published_at 2026-06-13T12:55:00Z
3
value 0.00154
scoring_system epss
scoring_elements 0.36102
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14302
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1849584
reference_id 1849584
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1849584
3
reference_url https://security.archlinux.org/ASA-202105-6
reference_id ASA-202105-6
reference_type
scores
url https://security.archlinux.org/ASA-202105-6
4
reference_url https://security.archlinux.org/AVG-1926
reference_id AVG-1926
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1926
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14302
reference_id CVE-2020-14302
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-14302
6
reference_url https://access.redhat.com/errata/RHSA-2021:0967
reference_id RHSA-2021:0967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0967
7
reference_url https://access.redhat.com/errata/RHSA-2021:0968
reference_id RHSA-2021:0968
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0968
8
reference_url https://access.redhat.com/errata/RHSA-2021:0969
reference_id RHSA-2021:0969
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0969
9
reference_url https://access.redhat.com/errata/RHSA-2021:0974
reference_id RHSA-2021:0974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0974
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@13.0.0
purl pkg:maven/org.keycloak/keycloak-core@13.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-z5yv-y145-abeh
17
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0
aliases CVE-2020-14302
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fmep-x7k1-37aj
21
url VCID-h6ky-xtx2-augv
vulnerability_id VCID-h6ky-xtx2-augv
summary Cross-site Scripting in keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10776.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10776.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10776
reference_id
reference_type
scores
0
value 0.00271
scoring_system epss
scoring_elements 0.50841
published_at 2026-06-11T12:55:00Z
1
value 0.00271
scoring_system epss
scoring_elements 0.50977
published_at 2026-06-14T12:55:00Z
2
value 0.00271
scoring_system epss
scoring_elements 0.50989
published_at 2026-06-13T12:55:00Z
3
value 0.00271
scoring_system epss
scoring_elements 0.50973
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10776
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1847428
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1847428
3
reference_url https://github.com/keycloak/keycloak/commit/01be601dbdd77822827de173e34180d9322db85c
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/01be601dbdd77822827de173e34180d9322db85c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10776
reference_id CVE-2020-10776
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10776
5
reference_url https://github.com/advisories/GHSA-484q-784p-8m5h
reference_id GHSA-484q-784p-8m5h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-484q-784p-8m5h
6
reference_url https://access.redhat.com/errata/RHSA-2020:4929
reference_id RHSA-2020:4929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4929
7
reference_url https://access.redhat.com/errata/RHSA-2020:4930
reference_id RHSA-2020:4930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4930
8
reference_url https://access.redhat.com/errata/RHSA-2020:4931
reference_id RHSA-2020:4931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4931
9
reference_url https://access.redhat.com/errata/RHSA-2020:4932
reference_id RHSA-2020:4932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4932
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@12.0.0
purl pkg:maven/org.keycloak/keycloak-core@12.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-3mcs-n479-zydu
2
vulnerability VCID-7xus-anmm-9ba3
3
vulnerability VCID-b99p-3rqx-v7b4
4
vulnerability VCID-bvmd-z1hf-5yef
5
vulnerability VCID-c2nr-hks8-4qg1
6
vulnerability VCID-cbrs-98sn-mqfq
7
vulnerability VCID-czc3-kxs3-yfdt
8
vulnerability VCID-db3z-zawx-kuc4
9
vulnerability VCID-ejyg-88gf-sfbh
10
vulnerability VCID-fmep-x7k1-37aj
11
vulnerability VCID-gxku-5esb-1qct
12
vulnerability VCID-kdwj-wspq-1ket
13
vulnerability VCID-kyss-1ab7-77ef
14
vulnerability VCID-m7ec-ad95-87aa
15
vulnerability VCID-q1jj-f5rg-57b1
16
vulnerability VCID-qbxs-9gb1-dbe3
17
vulnerability VCID-sg1r-gdub-fba1
18
vulnerability VCID-u9df-phf1-83gr
19
vulnerability VCID-utd3-fu1x-augq
20
vulnerability VCID-wfeg-6241-cucs
21
vulnerability VCID-yb4r-xbbq-47en
22
vulnerability VCID-ymg3-rjrx-pkan
23
vulnerability VCID-z5qm-jh27-skdr
24
vulnerability VCID-z5yv-y145-abeh
25
vulnerability VCID-z8cr-qt2v-rkgn
26
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.0
aliases CVE-2020-10776, GHSA-484q-784p-8m5h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6ky-xtx2-augv
22
url VCID-hvwy-pv1y-sqeg
vulnerability_id VCID-hvwy-pv1y-sqeg
summary Improper Authentication for Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1718.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1718
reference_id
reference_type
scores
0
value 0.00367
scoring_system epss
scoring_elements 0.59147
published_at 2026-06-12T12:55:00Z
1
value 0.00367
scoring_system epss
scoring_elements 0.59035
published_at 2026-06-11T12:55:00Z
2
value 0.00367
scoring_system epss
scoring_elements 0.59149
published_at 2026-06-14T12:55:00Z
3
value 0.00367
scoring_system epss
scoring_elements 0.59158
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1718
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1796756
reference_id 1796756
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1796756
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1718
reference_id CVE-2020-1718
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1718
5
reference_url https://github.com/advisories/GHSA-j229-2h63-rvh9
reference_id GHSA-j229-2h63-rvh9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j229-2h63-rvh9
6
reference_url https://access.redhat.com/errata/RHSA-2020:2106
reference_id RHSA-2020:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2106
7
reference_url https://access.redhat.com/errata/RHSA-2020:2107
reference_id RHSA-2020:2107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2107
8
reference_url https://access.redhat.com/errata/RHSA-2020:2108
reference_id RHSA-2020:2108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2108
9
reference_url https://access.redhat.com/errata/RHSA-2020:2112
reference_id RHSA-2020:2112
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2112
10
reference_url https://access.redhat.com/errata/RHSA-2020:2252
reference_id RHSA-2020:2252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2252
11
reference_url https://access.redhat.com/errata/RHSA-2020:2905
reference_id RHSA-2020:2905
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2905
12
reference_url https://access.redhat.com/errata/RHSA-2020:3196
reference_id RHSA-2020:3196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3196
13
reference_url https://access.redhat.com/errata/RHSA-2020:3197
reference_id RHSA-2020:3197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3197
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@8.0.0
purl pkg:maven/org.keycloak/keycloak-core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-49ev-wsaa-4bbn
5
vulnerability VCID-551s-5jc8-x7g4
6
vulnerability VCID-7q52-ujxg-pyg4
7
vulnerability VCID-7xus-anmm-9ba3
8
vulnerability VCID-b99p-3rqx-v7b4
9
vulnerability VCID-bvmd-z1hf-5yef
10
vulnerability VCID-c2nr-hks8-4qg1
11
vulnerability VCID-cbrs-98sn-mqfq
12
vulnerability VCID-cxjv-a4yf-2bgs
13
vulnerability VCID-czc3-kxs3-yfdt
14
vulnerability VCID-ejyg-88gf-sfbh
15
vulnerability VCID-fmep-x7k1-37aj
16
vulnerability VCID-h6ky-xtx2-augv
17
vulnerability VCID-kdwj-wspq-1ket
18
vulnerability VCID-kyss-1ab7-77ef
19
vulnerability VCID-m7ec-ad95-87aa
20
vulnerability VCID-mb69-adq5-aqdy
21
vulnerability VCID-q1jj-f5rg-57b1
22
vulnerability VCID-qbxs-9gb1-dbe3
23
vulnerability VCID-sbyx-da8j-mqfx
24
vulnerability VCID-sg1r-gdub-fba1
25
vulnerability VCID-u9df-phf1-83gr
26
vulnerability VCID-utd3-fu1x-augq
27
vulnerability VCID-w5wa-m47v-7fhy
28
vulnerability VCID-wfeg-6241-cucs
29
vulnerability VCID-yb4r-xbbq-47en
30
vulnerability VCID-ymg3-rjrx-pkan
31
vulnerability VCID-z5qm-jh27-skdr
32
vulnerability VCID-z5yv-y145-abeh
33
vulnerability VCID-z8cr-qt2v-rkgn
34
vulnerability VCID-zha3-5yra-sfae
35
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0
aliases CVE-2020-1718, GHSA-j229-2h63-rvh9
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hvwy-pv1y-sqeg
23
url VCID-k78b-wwvc-e3as
vulnerability_id VCID-k78b-wwvc-e3as
summary Moderate severity vulnerability that affects org.keycloak:keycloak-core
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12161.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12161.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12161
reference_id
reference_type
scores
0
value 0.00279
scoring_system epss
scoring_elements 0.51724
published_at 2026-06-12T12:55:00Z
1
value 0.00279
scoring_system epss
scoring_elements 0.51594
published_at 2026-06-11T12:55:00Z
2
value 0.00279
scoring_system epss
scoring_elements 0.51721
published_at 2026-06-14T12:55:00Z
3
value 0.00279
scoring_system epss
scoring_elements 0.51735
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12161
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1484564
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1484564
3
reference_url https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12161
reference_id CVE-2017-12161
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12161
5
reference_url https://github.com/advisories/GHSA-959q-32g8-vvp7
reference_id GHSA-959q-32g8-vvp7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-959q-32g8-vvp7
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@3.4.2.Final
purl pkg:maven/org.keycloak/keycloak-core@3.4.2.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-fmep-x7k1-37aj
19
vulnerability VCID-h6ky-xtx2-augv
20
vulnerability VCID-hvwy-pv1y-sqeg
21
vulnerability VCID-kdwj-wspq-1ket
22
vulnerability VCID-kyss-1ab7-77ef
23
vulnerability VCID-m7ec-ad95-87aa
24
vulnerability VCID-mb69-adq5-aqdy
25
vulnerability VCID-q1jj-f5rg-57b1
26
vulnerability VCID-qbxs-9gb1-dbe3
27
vulnerability VCID-qwr8-j8k6-fqew
28
vulnerability VCID-rbre-2rk4-e3gr
29
vulnerability VCID-sbyx-da8j-mqfx
30
vulnerability VCID-sg1r-gdub-fba1
31
vulnerability VCID-t4zx-ktg9-zue4
32
vulnerability VCID-u9df-phf1-83gr
33
vulnerability VCID-ubx3-wzt9-p3fc
34
vulnerability VCID-utd3-fu1x-augq
35
vulnerability VCID-w5wa-m47v-7fhy
36
vulnerability VCID-wfeg-6241-cucs
37
vulnerability VCID-x6m8-gkbc-4kec
38
vulnerability VCID-x77r-6nax-tqg6
39
vulnerability VCID-xf39-m1jv-zbfj
40
vulnerability VCID-yb4r-xbbq-47en
41
vulnerability VCID-ymg3-rjrx-pkan
42
vulnerability VCID-z5qm-jh27-skdr
43
vulnerability VCID-z5yv-y145-abeh
44
vulnerability VCID-z8cr-qt2v-rkgn
45
vulnerability VCID-zha3-5yra-sfae
46
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.2.Final
1
url pkg:maven/org.keycloak/keycloak-core@3.4.2
purl pkg:maven/org.keycloak/keycloak-core@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.2
aliases CVE-2017-12161, GHSA-959q-32g8-vvp7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k78b-wwvc-e3as
24
url VCID-kdwj-wspq-1ket
vulnerability_id VCID-kdwj-wspq-1ket
summary Keycloak has Files or Directories Accessible to External Parties
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3856.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3856.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3856
reference_id
reference_type
scores
0
value 0.00364
scoring_system epss
scoring_elements 0.58953
published_at 2026-06-14T12:55:00Z
1
value 0.00364
scoring_system epss
scoring_elements 0.58963
published_at 2026-06-13T12:55:00Z
2
value 0.00364
scoring_system epss
scoring_elements 0.58952
published_at 2026-06-12T12:55:00Z
3
value 0.00364
scoring_system epss
scoring_elements 0.5884
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3856
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2010164
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2010164
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/commit/73f0474008e1bebd0733e62a22aceda9e5de6743
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/73f0474008e1bebd0733e62a22aceda9e5de6743
5
reference_url https://github.com/keycloak/keycloak/pull/8588
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/8588
6
reference_url https://issues.redhat.com/browse/KEYCLOAK-19422
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-19422
7
reference_url https://access.redhat.com/security/cve/CVE-2021-3856
reference_id CVE-2021-3856
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3856
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3856
reference_id CVE-2021-3856
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3856
9
reference_url https://github.com/advisories/GHSA-3w4v-rvc4-2xpw
reference_id GHSA-3w4v-rvc4-2xpw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3w4v-rvc4-2xpw
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@15.1.0
purl pkg:maven/org.keycloak/keycloak-core@15.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-m7ec-ad95-87aa
7
vulnerability VCID-pvrr-mmx8-4kg6
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-utd3-fu1x-augq
11
vulnerability VCID-wfeg-6241-cucs
12
vulnerability VCID-yb4r-xbbq-47en
13
vulnerability VCID-ymg3-rjrx-pkan
14
vulnerability VCID-z5qm-jh27-skdr
15
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@15.1.0
aliases CVE-2021-3856, GHSA-3w4v-rvc4-2xpw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdwj-wspq-1ket
25
url VCID-kyss-1ab7-77ef
vulnerability_id VCID-kyss-1ab7-77ef
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3513.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3513.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3513
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42326
published_at 2026-06-14T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.4215
published_at 2026-06-11T12:55:00Z
2
value 0.00201
scoring_system epss
scoring_elements 0.42337
published_at 2026-06-13T12:55:00Z
3
value 0.00201
scoring_system epss
scoring_elements 0.42315
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3513
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1953439
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1953439
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/pull/7976
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/7976
5
reference_url https://security.archlinux.org/ASA-202105-6
reference_id ASA-202105-6
reference_type
scores
url https://security.archlinux.org/ASA-202105-6
6
reference_url https://security.archlinux.org/AVG-1926
reference_id AVG-1926
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1926
7
reference_url https://access.redhat.com/security/cve/CVE-2021-3513
reference_id CVE-2021-3513
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3513
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3513
reference_id CVE-2021-3513
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3513
9
reference_url https://github.com/advisories/GHSA-xv7h-95r7-595j
reference_id GHSA-xv7h-95r7-595j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xv7h-95r7-595j
10
reference_url https://access.redhat.com/errata/RHSA-2021:3527
reference_id RHSA-2021:3527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3527
11
reference_url https://access.redhat.com/errata/RHSA-2021:3528
reference_id RHSA-2021:3528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3528
12
reference_url https://access.redhat.com/errata/RHSA-2021:3529
reference_id RHSA-2021:3529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3529
13
reference_url https://access.redhat.com/errata/RHSA-2021:3534
reference_id RHSA-2021:3534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3534
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@13.0.0
purl pkg:maven/org.keycloak/keycloak-core@13.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-z5yv-y145-abeh
17
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0
aliases CVE-2021-3513, GHSA-xv7h-95r7-595j
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kyss-1ab7-77ef
26
url VCID-m7ec-ad95-87aa
vulnerability_id VCID-m7ec-ad95-87aa
summary 
An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. A trusted URL can trick users and automation into believing that the URL is safe, when, in fact, it redirects to a malicious server. This issue can result in a victim inadvertently trusting the destination of the redirect, potentially leading to a successful phishing attack or other types of attacks.

Once a crafted URL is made, it can be sent to a Keycloak admin via email for example. This will trigger this vulnerability when the user visits the page and clicks the link. A malicious actor can use this to target users they know are Keycloak admins for further attacks. It may also be possible to bypass other domain-related security checks, such as supplying this as a OAuth redirect uri. The malicious actor can further obfuscate the redirect_uri using URL encoding, to hide the text of the actual malicious website domain.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7260.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7260.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-7260
reference_id
reference_type
scores
0
value 0.0028
scoring_system epss
scoring_elements 0.51885
published_at 2026-06-14T12:55:00Z
1
value 0.0028
scoring_system epss
scoring_elements 0.51758
published_at 2026-06-11T12:55:00Z
2
value 0.0028
scoring_system epss
scoring_elements 0.51888
published_at 2026-06-12T12:55:00Z
3
value 0.0028
scoring_system epss
scoring_elements 0.519
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-7260
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24
reference_id cpe:/a:redhat:build_keycloak:24
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24::el9
reference_id cpe:/a:redhat:build_keycloak:24::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24::el9
5
reference_url https://access.redhat.com/security/cve/CVE-2024-7260
reference_id CVE-2024-7260
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:13:21Z/
url https://access.redhat.com/security/cve/CVE-2024-7260
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-7260
reference_id CVE-2024-7260
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-7260
7
reference_url https://github.com/advisories/GHSA-g4gc-rh26-m3p5
reference_id GHSA-g4gc-rh26-m3p5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g4gc-rh26-m3p5
8
reference_url https://access.redhat.com/errata/RHSA-2024:6502
reference_id RHSA-2024:6502
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:13:21Z/
url https://access.redhat.com/errata/RHSA-2024:6502
9
reference_url https://access.redhat.com/errata/RHSA-2024:6503
reference_id RHSA-2024:6503
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:13:21Z/
url https://access.redhat.com/errata/RHSA-2024:6503
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2301875
reference_id show_bug.cgi?id=2301875
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:13:21Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2301875
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@24.0.7
purl pkg:maven/org.keycloak/keycloak-core@24.0.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@24.0.7
1
url pkg:maven/org.keycloak/keycloak-core@25.0.0
purl pkg:maven/org.keycloak/keycloak-core@25.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-sg1r-gdub-fba1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@25.0.0
aliases CVE-2024-7260, GHSA-g4gc-rh26-m3p5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7ec-ad95-87aa
27
url VCID-mb69-adq5-aqdy
vulnerability_id VCID-mb69-adq5-aqdy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1698.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1698.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1698
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16153
published_at 2026-06-11T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16296
published_at 2026-06-12T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16308
published_at 2026-06-13T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16279
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1698
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1698
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1698
3
reference_url https://github.com/keycloak/keycloak/commit/62c9e1577618470832ede22dcedd46cba15b1836
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/62c9e1577618470832ede22dcedd46cba15b1836
4
reference_url https://github.com/keycloak/keycloak/pull/6751
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/6751
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1698
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1698
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1790292
reference_id 1790292
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1790292
7
reference_url https://github.com/advisories/GHSA-qgmm-f2qw-r95f
reference_id GHSA-qgmm-f2qw-r95f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qgmm-f2qw-r95f
8
reference_url https://access.redhat.com/errata/RHSA-2020:2252
reference_id RHSA-2020:2252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2252
9
reference_url https://access.redhat.com/errata/RHSA-2020:2905
reference_id RHSA-2020:2905
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2905
10
reference_url https://access.redhat.com/errata/RHSA-2020:5625
reference_id RHSA-2020:5625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5625
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@9.0.0
purl pkg:maven/org.keycloak/keycloak-core@9.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-49ev-wsaa-4bbn
5
vulnerability VCID-7q52-ujxg-pyg4
6
vulnerability VCID-7xus-anmm-9ba3
7
vulnerability VCID-b99p-3rqx-v7b4
8
vulnerability VCID-bvmd-z1hf-5yef
9
vulnerability VCID-c2nr-hks8-4qg1
10
vulnerability VCID-cbrs-98sn-mqfq
11
vulnerability VCID-czc3-kxs3-yfdt
12
vulnerability VCID-db3z-zawx-kuc4
13
vulnerability VCID-ejyg-88gf-sfbh
14
vulnerability VCID-fmep-x7k1-37aj
15
vulnerability VCID-h6ky-xtx2-augv
16
vulnerability VCID-kdwj-wspq-1ket
17
vulnerability VCID-kyss-1ab7-77ef
18
vulnerability VCID-m7ec-ad95-87aa
19
vulnerability VCID-q1jj-f5rg-57b1
20
vulnerability VCID-qbxs-9gb1-dbe3
21
vulnerability VCID-sbyx-da8j-mqfx
22
vulnerability VCID-sg1r-gdub-fba1
23
vulnerability VCID-u9df-phf1-83gr
24
vulnerability VCID-utd3-fu1x-augq
25
vulnerability VCID-w5wa-m47v-7fhy
26
vulnerability VCID-wfeg-6241-cucs
27
vulnerability VCID-yb4r-xbbq-47en
28
vulnerability VCID-ymg3-rjrx-pkan
29
vulnerability VCID-z5qm-jh27-skdr
30
vulnerability VCID-z5yv-y145-abeh
31
vulnerability VCID-z8cr-qt2v-rkgn
32
vulnerability VCID-zha3-5yra-sfae
33
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.0
aliases CVE-2020-1698, GHSA-qgmm-f2qw-r95f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mb69-adq5-aqdy
28
url VCID-q1jj-f5rg-57b1
vulnerability_id VCID-q1jj-f5rg-57b1
summary Improper authorization in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1466.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1466.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1466
reference_id
reference_type
scores
0
value 0.00158
scoring_system epss
scoring_elements 0.364
published_at 2026-06-11T12:55:00Z
1
value 0.00158
scoring_system epss
scoring_elements 0.36594
published_at 2026-06-14T12:55:00Z
2
value 0.00158
scoring_system epss
scoring_elements 0.36605
published_at 2026-06-13T12:55:00Z
3
value 0.00158
scoring_system epss
scoring_elements 0.3658
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1466
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2050228
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2050228
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-076.txt
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-076.txt
5
reference_url https://www.syss.de/pentest-blog/fehlerhafte-autorisierung-bei-red-hat-single-sign-on-750ga-syss-2021-076
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.syss.de/pentest-blog/fehlerhafte-autorisierung-bei-red-hat-single-sign-on-750ga-syss-2021-076
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1466
reference_id CVE-2022-1466
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-1466
7
reference_url https://github.com/advisories/GHSA-f32v-vf79-p29q
reference_id GHSA-f32v-vf79-p29q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f32v-vf79-p29q
8
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@17.0.1
purl pkg:maven/org.keycloak/keycloak-core@17.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-ejyg-88gf-sfbh
5
vulnerability VCID-m7ec-ad95-87aa
6
vulnerability VCID-sg1r-gdub-fba1
7
vulnerability VCID-utd3-fu1x-augq
8
vulnerability VCID-wfeg-6241-cucs
9
vulnerability VCID-yb4r-xbbq-47en
10
vulnerability VCID-ymg3-rjrx-pkan
11
vulnerability VCID-z5qm-jh27-skdr
12
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@17.0.1
aliases CVE-2022-1466, GHSA-f32v-vf79-p29q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q1jj-f5rg-57b1
29
url VCID-qbxs-9gb1-dbe3
vulnerability_id VCID-qbxs-9gb1-dbe3
summary cross-site scripting
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20195.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20195.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20195
reference_id
reference_type
scores
0
value 0.00305
scoring_system epss
scoring_elements 0.54253
published_at 2026-06-12T12:55:00Z
1
value 0.00305
scoring_system epss
scoring_elements 0.54127
published_at 2026-06-11T12:55:00Z
2
value 0.00305
scoring_system epss
scoring_elements 0.54258
published_at 2026-06-14T12:55:00Z
3
value 0.00305
scoring_system epss
scoring_elements 0.54271
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20195
2
reference_url https://github.com/keycloak/keycloak/commit/717d9515fa131e3d8c8936e41b2e52270fdec976
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/717d9515fa131e3d8c8936e41b2e52270fdec976
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20195
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20195
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1919143
reference_id 1919143
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1919143
5
reference_url https://security.archlinux.org/ASA-202102-29
reference_id ASA-202102-29
reference_type
scores
url https://security.archlinux.org/ASA-202102-29
6
reference_url https://security.archlinux.org/AVG-1578
reference_id AVG-1578
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1578
7
reference_url https://github.com/advisories/GHSA-q6w2-89hq-hq27
reference_id GHSA-q6w2-89hq-hq27
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q6w2-89hq-hq27
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@12.0.3
purl pkg:maven/org.keycloak/keycloak-core@12.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-3mcs-n479-zydu
2
vulnerability VCID-b99p-3rqx-v7b4
3
vulnerability VCID-bvmd-z1hf-5yef
4
vulnerability VCID-c2nr-hks8-4qg1
5
vulnerability VCID-cbrs-98sn-mqfq
6
vulnerability VCID-czc3-kxs3-yfdt
7
vulnerability VCID-db3z-zawx-kuc4
8
vulnerability VCID-ejyg-88gf-sfbh
9
vulnerability VCID-fmep-x7k1-37aj
10
vulnerability VCID-kdwj-wspq-1ket
11
vulnerability VCID-kyss-1ab7-77ef
12
vulnerability VCID-m7ec-ad95-87aa
13
vulnerability VCID-q1jj-f5rg-57b1
14
vulnerability VCID-sg1r-gdub-fba1
15
vulnerability VCID-u9df-phf1-83gr
16
vulnerability VCID-utd3-fu1x-augq
17
vulnerability VCID-wfeg-6241-cucs
18
vulnerability VCID-yb4r-xbbq-47en
19
vulnerability VCID-ymg3-rjrx-pkan
20
vulnerability VCID-z5qm-jh27-skdr
21
vulnerability VCID-z5yv-y145-abeh
22
vulnerability VCID-z8cr-qt2v-rkgn
23
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.3
1
url pkg:maven/org.keycloak/keycloak-core@13.0.0
purl pkg:maven/org.keycloak/keycloak-core@13.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-z5yv-y145-abeh
17
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0
aliases CVE-2021-20195, GHSA-q6w2-89hq-hq27
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbxs-9gb1-dbe3
30
url VCID-qwr8-j8k6-fqew
vulnerability_id VCID-qwr8-j8k6-fqew
summary Improper Certificate Validation and Insufficient Verification of Data Authenticity in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3875.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3875.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3875
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.15277
published_at 2026-06-12T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.1515
published_at 2026-06-11T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.15248
published_at 2026-06-14T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.15283
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3875
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3875
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3875
3
reference_url http://www.securityfocus.com/bid/108748
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/108748
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1690628
reference_id 1690628
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1690628
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3875
reference_id CVE-2019-3875
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3875
6
reference_url https://github.com/advisories/GHSA-38cg-gg9j-q9j9
reference_id GHSA-38cg-gg9j-q9j9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-38cg-gg9j-q9j9
7
reference_url https://access.redhat.com/errata/RHSA-2019:1456
reference_id RHSA-2019:1456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1456
8
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
9
reference_url https://access.redhat.com/errata/RHSA-2020:2366
reference_id RHSA-2020:2366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2366
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@7.0.0
purl pkg:maven/org.keycloak/keycloak-core@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7xus-anmm-9ba3
10
vulnerability VCID-b99p-3rqx-v7b4
11
vulnerability VCID-bvmd-z1hf-5yef
12
vulnerability VCID-c2nr-hks8-4qg1
13
vulnerability VCID-cbrs-98sn-mqfq
14
vulnerability VCID-cxjv-a4yf-2bgs
15
vulnerability VCID-czc3-kxs3-yfdt
16
vulnerability VCID-ejyg-88gf-sfbh
17
vulnerability VCID-fmep-x7k1-37aj
18
vulnerability VCID-h6ky-xtx2-augv
19
vulnerability VCID-hvwy-pv1y-sqeg
20
vulnerability VCID-kdwj-wspq-1ket
21
vulnerability VCID-kyss-1ab7-77ef
22
vulnerability VCID-m7ec-ad95-87aa
23
vulnerability VCID-mb69-adq5-aqdy
24
vulnerability VCID-q1jj-f5rg-57b1
25
vulnerability VCID-qbxs-9gb1-dbe3
26
vulnerability VCID-sbyx-da8j-mqfx
27
vulnerability VCID-sg1r-gdub-fba1
28
vulnerability VCID-t4zx-ktg9-zue4
29
vulnerability VCID-u9df-phf1-83gr
30
vulnerability VCID-utd3-fu1x-augq
31
vulnerability VCID-w5wa-m47v-7fhy
32
vulnerability VCID-wfeg-6241-cucs
33
vulnerability VCID-yb4r-xbbq-47en
34
vulnerability VCID-ymg3-rjrx-pkan
35
vulnerability VCID-z5qm-jh27-skdr
36
vulnerability VCID-z5yv-y145-abeh
37
vulnerability VCID-z8cr-qt2v-rkgn
38
vulnerability VCID-zha3-5yra-sfae
39
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@7.0.0
aliases CVE-2019-3875, GHSA-38cg-gg9j-q9j9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qwr8-j8k6-fqew
31
url VCID-rbre-2rk4-e3gr
vulnerability_id VCID-rbre-2rk4-e3gr
summary Moderate severity vulnerability that affects org.keycloak:keycloak-core
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10912.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10912.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10912
reference_id
reference_type
scores
0
value 0.00474
scoring_system epss
scoring_elements 0.65182
published_at 2026-06-11T12:55:00Z
1
value 0.00474
scoring_system epss
scoring_elements 0.65292
published_at 2026-06-14T12:55:00Z
2
value 0.00474
scoring_system epss
scoring_elements 0.65294
published_at 2026-06-13T12:55:00Z
3
value 0.00474
scoring_system epss
scoring_elements 0.65283
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10912
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1607624
reference_id 1607624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1607624
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10912
reference_id CVE-2018-10912
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10912
5
reference_url https://github.com/advisories/GHSA-h7j7-pw3v-3v3x
reference_id GHSA-h7j7-pw3v-3v3x
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h7j7-pw3v-3v3x
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@4.0.0
purl pkg:maven/org.keycloak/keycloak-core@4.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.0.0
1
url pkg:maven/org.keycloak/keycloak-core@4.0.0.Final
purl pkg:maven/org.keycloak/keycloak-core@4.0.0.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-fmep-x7k1-37aj
19
vulnerability VCID-h6ky-xtx2-augv
20
vulnerability VCID-hvwy-pv1y-sqeg
21
vulnerability VCID-kdwj-wspq-1ket
22
vulnerability VCID-ktfu-j9gz-p7d1
23
vulnerability VCID-kyss-1ab7-77ef
24
vulnerability VCID-m7ec-ad95-87aa
25
vulnerability VCID-mb69-adq5-aqdy
26
vulnerability VCID-q1jj-f5rg-57b1
27
vulnerability VCID-qbxs-9gb1-dbe3
28
vulnerability VCID-qwr8-j8k6-fqew
29
vulnerability VCID-sbyx-da8j-mqfx
30
vulnerability VCID-sg1r-gdub-fba1
31
vulnerability VCID-t4zx-ktg9-zue4
32
vulnerability VCID-u9df-phf1-83gr
33
vulnerability VCID-utd3-fu1x-augq
34
vulnerability VCID-w5wa-m47v-7fhy
35
vulnerability VCID-wfeg-6241-cucs
36
vulnerability VCID-x6m8-gkbc-4kec
37
vulnerability VCID-x77r-6nax-tqg6
38
vulnerability VCID-xf39-m1jv-zbfj
39
vulnerability VCID-yb4r-xbbq-47en
40
vulnerability VCID-ymg3-rjrx-pkan
41
vulnerability VCID-z5qm-jh27-skdr
42
vulnerability VCID-z5yv-y145-abeh
43
vulnerability VCID-z8cr-qt2v-rkgn
44
vulnerability VCID-zha3-5yra-sfae
45
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.0.0.Final
aliases CVE-2018-10912, GHSA-h7j7-pw3v-3v3x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rbre-2rk4-e3gr
32
url VCID-s5ns-5gk7-b3b3
vulnerability_id VCID-s5ns-5gk7-b3b3
summary
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0876.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0876.html
1
reference_url https://access.redhat.com/errata/RHSA-2017:0872
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:0872
2
reference_url https://access.redhat.com/errata/RHSA-2017:0873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:0873
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8629.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8629.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8629
reference_id
reference_type
scores
0
value 0.00213
scoring_system epss
scoring_elements 0.44109
published_at 2026-06-14T12:55:00Z
1
value 0.00213
scoring_system epss
scoring_elements 0.44103
published_at 2026-06-12T12:55:00Z
2
value 0.00213
scoring_system epss
scoring_elements 0.44121
published_at 2026-06-13T12:55:00Z
3
value 0.00213
scoring_system epss
scoring_elements 0.43948
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8629
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1388988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1388988
6
reference_url https://github.com/keycloak/keycloak/commit/a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2
reference_id
reference_type
scores
url https://github.com/keycloak/keycloak/commit/a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2
7
reference_url http://www.securityfocus.com/bid/97392
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/97392
8
reference_url http://www.securitytracker.com/id/1038180
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038180
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8629
reference_id CVE-2016-8629
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-8629
10
reference_url https://github.com/advisories/GHSA-778x-2mqv-w6xw
reference_id GHSA-778x-2mqv-w6xw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-778x-2mqv-w6xw
11
reference_url https://access.redhat.com/errata/RHSA-2017:0876
reference_id RHSA-2017:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0876
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@2.4.0.Final
purl pkg:maven/org.keycloak/keycloak-core@2.4.0.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-f84p-b838-8qge
19
vulnerability VCID-fmep-x7k1-37aj
20
vulnerability VCID-h6ky-xtx2-augv
21
vulnerability VCID-hvwy-pv1y-sqeg
22
vulnerability VCID-k78b-wwvc-e3as
23
vulnerability VCID-kdwj-wspq-1ket
24
vulnerability VCID-kyss-1ab7-77ef
25
vulnerability VCID-m7ec-ad95-87aa
26
vulnerability VCID-mb69-adq5-aqdy
27
vulnerability VCID-q1jj-f5rg-57b1
28
vulnerability VCID-qbxs-9gb1-dbe3
29
vulnerability VCID-qwr8-j8k6-fqew
30
vulnerability VCID-rbre-2rk4-e3gr
31
vulnerability VCID-sbyx-da8j-mqfx
32
vulnerability VCID-sg1r-gdub-fba1
33
vulnerability VCID-t4zx-ktg9-zue4
34
vulnerability VCID-tzwz-7xr4-qud3
35
vulnerability VCID-u3st-6pct-kkfy
36
vulnerability VCID-u9df-phf1-83gr
37
vulnerability VCID-ubx3-wzt9-p3fc
38
vulnerability VCID-utd3-fu1x-augq
39
vulnerability VCID-w5wa-m47v-7fhy
40
vulnerability VCID-wfeg-6241-cucs
41
vulnerability VCID-wg5v-btsv-2fcz
42
vulnerability VCID-x6m8-gkbc-4kec
43
vulnerability VCID-x77r-6nax-tqg6
44
vulnerability VCID-xf39-m1jv-zbfj
45
vulnerability VCID-yb4r-xbbq-47en
46
vulnerability VCID-ymg3-rjrx-pkan
47
vulnerability VCID-z5qm-jh27-skdr
48
vulnerability VCID-z5yv-y145-abeh
49
vulnerability VCID-z8cr-qt2v-rkgn
50
vulnerability VCID-zha3-5yra-sfae
51
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.4.0.Final
1
url pkg:maven/org.keycloak/keycloak-core@2.4.0
purl pkg:maven/org.keycloak/keycloak-core@2.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.4.0
aliases CVE-2016-8629, GHSA-778x-2mqv-w6xw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s5ns-5gk7-b3b3
33
url VCID-sbyx-da8j-mqfx
vulnerability_id VCID-sbyx-da8j-mqfx
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14389.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14389.json
1
reference_url https://access.redhat.com/security/cve/cve-2020-14389
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2020-14389
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14389
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35273
published_at 2026-06-14T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35269
published_at 2026-06-12T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35293
published_at 2026-06-13T12:55:00Z
3
value 0.00148
scoring_system epss
scoring_elements 0.35091
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14389
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14389
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14389
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1875843
reference_id 1875843
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1875843
5
reference_url https://github.com/advisories/GHSA-c9x9-xv66-xp3v
reference_id GHSA-c9x9-xv66-xp3v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c9x9-xv66-xp3v
6
reference_url https://access.redhat.com/errata/RHSA-2020:4929
reference_id RHSA-2020:4929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4929
7
reference_url https://access.redhat.com/errata/RHSA-2020:4930
reference_id RHSA-2020:4930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4930
8
reference_url https://access.redhat.com/errata/RHSA-2020:4931
reference_id RHSA-2020:4931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4931
9
reference_url https://access.redhat.com/errata/RHSA-2020:4932
reference_id RHSA-2020:4932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4932
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@12.0.0
purl pkg:maven/org.keycloak/keycloak-core@12.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-3mcs-n479-zydu
2
vulnerability VCID-7xus-anmm-9ba3
3
vulnerability VCID-b99p-3rqx-v7b4
4
vulnerability VCID-bvmd-z1hf-5yef
5
vulnerability VCID-c2nr-hks8-4qg1
6
vulnerability VCID-cbrs-98sn-mqfq
7
vulnerability VCID-czc3-kxs3-yfdt
8
vulnerability VCID-db3z-zawx-kuc4
9
vulnerability VCID-ejyg-88gf-sfbh
10
vulnerability VCID-fmep-x7k1-37aj
11
vulnerability VCID-gxku-5esb-1qct
12
vulnerability VCID-kdwj-wspq-1ket
13
vulnerability VCID-kyss-1ab7-77ef
14
vulnerability VCID-m7ec-ad95-87aa
15
vulnerability VCID-q1jj-f5rg-57b1
16
vulnerability VCID-qbxs-9gb1-dbe3
17
vulnerability VCID-sg1r-gdub-fba1
18
vulnerability VCID-u9df-phf1-83gr
19
vulnerability VCID-utd3-fu1x-augq
20
vulnerability VCID-wfeg-6241-cucs
21
vulnerability VCID-yb4r-xbbq-47en
22
vulnerability VCID-ymg3-rjrx-pkan
23
vulnerability VCID-z5qm-jh27-skdr
24
vulnerability VCID-z5yv-y145-abeh
25
vulnerability VCID-z8cr-qt2v-rkgn
26
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.0
aliases CVE-2020-14389, GHSA-c9x9-xv66-xp3v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sbyx-da8j-mqfx
34
url VCID-sg1r-gdub-fba1
vulnerability_id VCID-sg1r-gdub-fba1
summary 
A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 30 seconds (default). Instead of expiring and deemed unusable around 30 seconds in, the tokens are valid for an additional 30 seconds totaling 1 minute.
A one time passcode that is valid longer than its expiration time increases the attack window for malicious actors to abuse the system and compromise accounts. Additionally, it increases the attack surface because at any given time, two OTPs are valid.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7318.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7318.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-7318
reference_id
reference_type
scores
0
value 0.00938
scoring_system epss
scoring_elements 0.76729
published_at 2026-06-14T12:55:00Z
1
value 0.00938
scoring_system epss
scoring_elements 0.76651
published_at 2026-06-11T12:55:00Z
2
value 0.00938
scoring_system epss
scoring_elements 0.7672
published_at 2026-06-12T12:55:00Z
3
value 0.00938
scoring_system epss
scoring_elements 0.76734
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-7318
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24
reference_id cpe:/a:redhat:build_keycloak:24
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24::el9
reference_id cpe:/a:redhat:build_keycloak:24::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24::el9
5
reference_url https://access.redhat.com/security/cve/CVE-2024-7318
reference_id CVE-2024-7318
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:08:16Z/
url https://access.redhat.com/security/cve/CVE-2024-7318
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-7318
reference_id CVE-2024-7318
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-7318
7
reference_url https://github.com/advisories/GHSA-xmmm-jw76-q7vg
reference_id GHSA-xmmm-jw76-q7vg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xmmm-jw76-q7vg
8
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-xmmm-jw76-q7vg
reference_id GHSA-xmmm-jw76-q7vg
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-xmmm-jw76-q7vg
9
reference_url https://access.redhat.com/errata/RHSA-2024:6502
reference_id RHSA-2024:6502
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:08:16Z/
url https://access.redhat.com/errata/RHSA-2024:6502
10
reference_url https://access.redhat.com/errata/RHSA-2024:6503
reference_id RHSA-2024:6503
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:08:16Z/
url https://access.redhat.com/errata/RHSA-2024:6503
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2301876
reference_id show_bug.cgi?id=2301876
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:08:16Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2301876
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@24.0.7
purl pkg:maven/org.keycloak/keycloak-core@24.0.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@24.0.7
1
url pkg:maven/org.keycloak/keycloak-core@25.0.4
purl pkg:maven/org.keycloak/keycloak-core@25.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@25.0.4
aliases CVE-2024-7318, GHSA-xmmm-jw76-q7vg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sg1r-gdub-fba1
35
url VCID-t4zx-ktg9-zue4
vulnerability_id VCID-t4zx-ktg9-zue4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14837.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14837.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14837
reference_id
reference_type
scores
0
value 0.01008
scoring_system epss
scoring_elements 0.77491
published_at 2026-06-11T12:55:00Z
1
value 0.01008
scoring_system epss
scoring_elements 0.7756
published_at 2026-06-12T12:55:00Z
2
value 0.01008
scoring_system epss
scoring_elements 0.77574
published_at 2026-06-13T12:55:00Z
3
value 0.01008
scoring_system epss
scoring_elements 0.77565
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14837
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14837
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14837
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/commit/9a7c1a91a59ab85e7f8889a505be04a71580777f
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/9a7c1a91a59ab85e7f8889a505be04a71580777f
5
reference_url https://issues.jboss.org/browse/KEYCLOAK-10780
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/KEYCLOAK-10780
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14837
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14837
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1730227
reference_id 1730227
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1730227
8
reference_url https://github.com/advisories/GHSA-cf8f-w2c5-p5jr
reference_id GHSA-cf8f-w2c5-p5jr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cf8f-w2c5-p5jr
9
reference_url https://access.redhat.com/errata/RHSA-2019:4040
reference_id RHSA-2019:4040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4040
10
reference_url https://access.redhat.com/errata/RHSA-2019:4041
reference_id RHSA-2019:4041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4041
11
reference_url https://access.redhat.com/errata/RHSA-2019:4042
reference_id RHSA-2019:4042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4042
12
reference_url https://access.redhat.com/errata/RHSA-2019:4045
reference_id RHSA-2019:4045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4045
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@8.0.0
purl pkg:maven/org.keycloak/keycloak-core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-49ev-wsaa-4bbn
5
vulnerability VCID-551s-5jc8-x7g4
6
vulnerability VCID-7q52-ujxg-pyg4
7
vulnerability VCID-7xus-anmm-9ba3
8
vulnerability VCID-b99p-3rqx-v7b4
9
vulnerability VCID-bvmd-z1hf-5yef
10
vulnerability VCID-c2nr-hks8-4qg1
11
vulnerability VCID-cbrs-98sn-mqfq
12
vulnerability VCID-cxjv-a4yf-2bgs
13
vulnerability VCID-czc3-kxs3-yfdt
14
vulnerability VCID-ejyg-88gf-sfbh
15
vulnerability VCID-fmep-x7k1-37aj
16
vulnerability VCID-h6ky-xtx2-augv
17
vulnerability VCID-kdwj-wspq-1ket
18
vulnerability VCID-kyss-1ab7-77ef
19
vulnerability VCID-m7ec-ad95-87aa
20
vulnerability VCID-mb69-adq5-aqdy
21
vulnerability VCID-q1jj-f5rg-57b1
22
vulnerability VCID-qbxs-9gb1-dbe3
23
vulnerability VCID-sbyx-da8j-mqfx
24
vulnerability VCID-sg1r-gdub-fba1
25
vulnerability VCID-u9df-phf1-83gr
26
vulnerability VCID-utd3-fu1x-augq
27
vulnerability VCID-w5wa-m47v-7fhy
28
vulnerability VCID-wfeg-6241-cucs
29
vulnerability VCID-yb4r-xbbq-47en
30
vulnerability VCID-ymg3-rjrx-pkan
31
vulnerability VCID-z5qm-jh27-skdr
32
vulnerability VCID-z5yv-y145-abeh
33
vulnerability VCID-z8cr-qt2v-rkgn
34
vulnerability VCID-zha3-5yra-sfae
35
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0
aliases CVE-2019-14837, GHSA-cf8f-w2c5-p5jr
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4zx-ktg9-zue4
36
url VCID-tzwz-7xr4-qud3
vulnerability_id VCID-tzwz-7xr4-qud3
summary Keycloak vulnerable to infinite loop based Denial of Service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2646.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2646.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2646
reference_id
reference_type
scores
0
value 0.00503
scoring_system epss
scoring_elements 0.6663
published_at 2026-06-12T12:55:00Z
1
value 0.00503
scoring_system epss
scoring_elements 0.66538
published_at 2026-06-11T12:55:00Z
2
value 0.00503
scoring_system epss
scoring_elements 0.66643
published_at 2026-06-14T12:55:00Z
3
value 0.00503
scoring_system epss
scoring_elements 0.66644
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2646
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2646
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2646
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url http://www.securityfocus.com/bid/96882
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96882
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1431230
reference_id 1431230
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1431230
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2646
reference_id CVE-2017-2646
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2646
7
reference_url https://github.com/advisories/GHSA-jc6q-27mw-p55w
reference_id GHSA-jc6q-27mw-p55w
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jc6q-27mw-p55w
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@2.5.5
purl pkg:maven/org.keycloak/keycloak-core@2.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.5
1
url pkg:maven/org.keycloak/keycloak-core@2.5.5.Final
purl pkg:maven/org.keycloak/keycloak-core@2.5.5.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-f84p-b838-8qge
19
vulnerability VCID-fmep-x7k1-37aj
20
vulnerability VCID-h6ky-xtx2-augv
21
vulnerability VCID-hvwy-pv1y-sqeg
22
vulnerability VCID-k78b-wwvc-e3as
23
vulnerability VCID-kdwj-wspq-1ket
24
vulnerability VCID-kyss-1ab7-77ef
25
vulnerability VCID-m7ec-ad95-87aa
26
vulnerability VCID-mb69-adq5-aqdy
27
vulnerability VCID-q1jj-f5rg-57b1
28
vulnerability VCID-qbxs-9gb1-dbe3
29
vulnerability VCID-qwr8-j8k6-fqew
30
vulnerability VCID-rbre-2rk4-e3gr
31
vulnerability VCID-sbyx-da8j-mqfx
32
vulnerability VCID-sg1r-gdub-fba1
33
vulnerability VCID-t4zx-ktg9-zue4
34
vulnerability VCID-u9df-phf1-83gr
35
vulnerability VCID-ubx3-wzt9-p3fc
36
vulnerability VCID-utd3-fu1x-augq
37
vulnerability VCID-w5wa-m47v-7fhy
38
vulnerability VCID-wfeg-6241-cucs
39
vulnerability VCID-x6m8-gkbc-4kec
40
vulnerability VCID-x77r-6nax-tqg6
41
vulnerability VCID-xf39-m1jv-zbfj
42
vulnerability VCID-yb4r-xbbq-47en
43
vulnerability VCID-ymg3-rjrx-pkan
44
vulnerability VCID-z5qm-jh27-skdr
45
vulnerability VCID-z5yv-y145-abeh
46
vulnerability VCID-z8cr-qt2v-rkgn
47
vulnerability VCID-zha3-5yra-sfae
48
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.5.Final
aliases CVE-2017-2646, GHSA-jc6q-27mw-p55w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzwz-7xr4-qud3
37
url VCID-u3st-6pct-kkfy
vulnerability_id VCID-u3st-6pct-kkfy
summary keycloak-core vulnerable to timing attacks against JWS token verification
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0876.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0876.html
1
reference_url https://access.redhat.com/errata/RHSA-2017:0872
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:0872
2
reference_url https://access.redhat.com/errata/RHSA-2017:0873
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:0873
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2585.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2585.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2585
reference_id
reference_type
scores
0
value 0.00671
scoring_system epss
scoring_elements 0.71946
published_at 2026-06-12T12:55:00Z
1
value 0.00671
scoring_system epss
scoring_elements 0.71861
published_at 2026-06-11T12:55:00Z
2
value 0.00671
scoring_system epss
scoring_elements 0.71956
published_at 2026-06-14T12:55:00Z
3
value 0.00671
scoring_system epss
scoring_elements 0.71959
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2585
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1412376
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1412376
6
reference_url https://web.archive.org/web/20170420113802/http://www.securitytracker.com/id/1038180
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170420113802/http://www.securitytracker.com/id/1038180
7
reference_url https://web.archive.org/web/20200227175650/http://www.securityfocus.com/bid/97393
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227175650/http://www.securityfocus.com/bid/97393
8
reference_url http://www.securityfocus.com/bid/97393
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97393
9
reference_url http://www.securitytracker.com/id/1038180
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038180
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2585
reference_id CVE-2017-2585
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2585
11
reference_url https://github.com/advisories/GHSA-w6gv-3r3v-gwgj
reference_id GHSA-w6gv-3r3v-gwgj
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-w6gv-3r3v-gwgj
12
reference_url https://access.redhat.com/errata/RHSA-2017:0876
reference_id RHSA-2017:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0876
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@2.5.1.Final
purl pkg:maven/org.keycloak/keycloak-core@2.5.1.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-f84p-b838-8qge
19
vulnerability VCID-fmep-x7k1-37aj
20
vulnerability VCID-h6ky-xtx2-augv
21
vulnerability VCID-hvwy-pv1y-sqeg
22
vulnerability VCID-k78b-wwvc-e3as
23
vulnerability VCID-kdwj-wspq-1ket
24
vulnerability VCID-kyss-1ab7-77ef
25
vulnerability VCID-m7ec-ad95-87aa
26
vulnerability VCID-mb69-adq5-aqdy
27
vulnerability VCID-q1jj-f5rg-57b1
28
vulnerability VCID-qbxs-9gb1-dbe3
29
vulnerability VCID-qwr8-j8k6-fqew
30
vulnerability VCID-rbre-2rk4-e3gr
31
vulnerability VCID-sbyx-da8j-mqfx
32
vulnerability VCID-sg1r-gdub-fba1
33
vulnerability VCID-t4zx-ktg9-zue4
34
vulnerability VCID-tzwz-7xr4-qud3
35
vulnerability VCID-u9df-phf1-83gr
36
vulnerability VCID-ubx3-wzt9-p3fc
37
vulnerability VCID-utd3-fu1x-augq
38
vulnerability VCID-w5wa-m47v-7fhy
39
vulnerability VCID-wfeg-6241-cucs
40
vulnerability VCID-x6m8-gkbc-4kec
41
vulnerability VCID-x77r-6nax-tqg6
42
vulnerability VCID-xf39-m1jv-zbfj
43
vulnerability VCID-yb4r-xbbq-47en
44
vulnerability VCID-ymg3-rjrx-pkan
45
vulnerability VCID-z5qm-jh27-skdr
46
vulnerability VCID-z5yv-y145-abeh
47
vulnerability VCID-z8cr-qt2v-rkgn
48
vulnerability VCID-zha3-5yra-sfae
49
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1.Final
1
url pkg:maven/org.keycloak/keycloak-core@2.5.1
purl pkg:maven/org.keycloak/keycloak-core@2.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1
aliases CVE-2017-2585, GHSA-w6gv-3r3v-gwgj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3st-6pct-kkfy
38
url VCID-u9df-phf1-83gr
vulnerability_id VCID-u9df-phf1-83gr
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3632.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3632.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3632
reference_id
reference_type
scores
0
value 0.00503
scoring_system epss
scoring_elements 0.66537
published_at 2026-06-11T12:55:00Z
1
value 0.00503
scoring_system epss
scoring_elements 0.66641
published_at 2026-06-14T12:55:00Z
2
value 0.00503
scoring_system epss
scoring_elements 0.66643
published_at 2026-06-13T12:55:00Z
3
value 0.00503
scoring_system epss
scoring_elements 0.66629
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3632
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1978196
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1978196
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4
5
reference_url https://github.com/keycloak/keycloak/pull/8203
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/8203
6
reference_url https://issues.redhat.com/browse/KEYCLOAK-18500
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-18500
7
reference_url https://security.archlinux.org/AVG-1332
reference_id AVG-1332
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1332
8
reference_url https://access.redhat.com/security/cve/CVE-2021-3632
reference_id CVE-2021-3632
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3632
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3632
reference_id CVE-2021-3632
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3632
10
reference_url https://github.com/advisories/GHSA-qpq9-jpv4-6gwr
reference_id GHSA-qpq9-jpv4-6gwr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qpq9-jpv4-6gwr
11
reference_url https://access.redhat.com/errata/RHSA-2021:3527
reference_id RHSA-2021:3527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3527
12
reference_url https://access.redhat.com/errata/RHSA-2021:3528
reference_id RHSA-2021:3528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3528
13
reference_url https://access.redhat.com/errata/RHSA-2021:3529
reference_id RHSA-2021:3529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3529
14
reference_url https://access.redhat.com/errata/RHSA-2021:3534
reference_id RHSA-2021:3534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3534
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@15.1.0
purl pkg:maven/org.keycloak/keycloak-core@15.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-m7ec-ad95-87aa
7
vulnerability VCID-pvrr-mmx8-4kg6
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-utd3-fu1x-augq
11
vulnerability VCID-wfeg-6241-cucs
12
vulnerability VCID-yb4r-xbbq-47en
13
vulnerability VCID-ymg3-rjrx-pkan
14
vulnerability VCID-z5qm-jh27-skdr
15
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@15.1.0
aliases CVE-2021-3632, GHSA-qpq9-jpv4-6gwr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9df-phf1-83gr
39
url VCID-ubx3-wzt9-p3fc
vulnerability_id VCID-ubx3-wzt9-p3fc
summary Keycloak Authentication Error
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:3592
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3592
1
reference_url https://access.redhat.com/errata/RHSA-2018:3593
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3593
2
reference_url https://access.redhat.com/errata/RHSA-2018:3595
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3595
3
reference_url https://access.redhat.com/errata/RHSA-2019:0877
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0877
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10894.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10894.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10894
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17575
published_at 2026-06-12T12:55:00Z
1
value 0.00054
scoring_system epss
scoring_elements 0.17566
published_at 2026-06-14T12:55:00Z
2
value 0.00054
scoring_system epss
scoring_elements 0.17411
published_at 2026-06-11T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.17593
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10894
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10894
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10894
7
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
8
reference_url https://github.com/keycloak/keycloak/commit/812e76c39b1e693e8f11e5549cca2c90631f372e
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/812e76c39b1e693e8f11e5549cca2c90631f372e
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1599434
reference_id 1599434
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1599434
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10894
reference_id CVE-2018-10894
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10894
11
reference_url https://github.com/advisories/GHSA-xvv8-8wh9-9fh2
reference_id GHSA-xvv8-8wh9-9fh2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xvv8-8wh9-9fh2
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@3.4.3.Final
purl pkg:maven/org.keycloak/keycloak-core@3.4.3.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-fmep-x7k1-37aj
19
vulnerability VCID-h6ky-xtx2-augv
20
vulnerability VCID-hvwy-pv1y-sqeg
21
vulnerability VCID-kdwj-wspq-1ket
22
vulnerability VCID-ktfu-j9gz-p7d1
23
vulnerability VCID-kyss-1ab7-77ef
24
vulnerability VCID-m7ec-ad95-87aa
25
vulnerability VCID-mb69-adq5-aqdy
26
vulnerability VCID-q1jj-f5rg-57b1
27
vulnerability VCID-qbxs-9gb1-dbe3
28
vulnerability VCID-qwr8-j8k6-fqew
29
vulnerability VCID-rbre-2rk4-e3gr
30
vulnerability VCID-sbyx-da8j-mqfx
31
vulnerability VCID-sg1r-gdub-fba1
32
vulnerability VCID-t4zx-ktg9-zue4
33
vulnerability VCID-u9df-phf1-83gr
34
vulnerability VCID-utd3-fu1x-augq
35
vulnerability VCID-w5wa-m47v-7fhy
36
vulnerability VCID-wfeg-6241-cucs
37
vulnerability VCID-x6m8-gkbc-4kec
38
vulnerability VCID-x77r-6nax-tqg6
39
vulnerability VCID-xf39-m1jv-zbfj
40
vulnerability VCID-yb4r-xbbq-47en
41
vulnerability VCID-ymg3-rjrx-pkan
42
vulnerability VCID-z5qm-jh27-skdr
43
vulnerability VCID-z5yv-y145-abeh
44
vulnerability VCID-z8cr-qt2v-rkgn
45
vulnerability VCID-zha3-5yra-sfae
46
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.3.Final
1
url pkg:maven/org.keycloak/keycloak-core@3.4.3
purl pkg:maven/org.keycloak/keycloak-core@3.4.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.3
aliases CVE-2018-10894, GHSA-xvv8-8wh9-9fh2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ubx3-wzt9-p3fc
40
url VCID-utd3-fu1x-augq
vulnerability_id VCID-utd3-fu1x-augq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6134.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6134.json
1
reference_url https://access.redhat.com/security/cve/CVE-2023-6134
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-6134
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6134
reference_id
reference_type
scores
0
value 0.02468
scoring_system epss
scoring_elements 0.85643
published_at 2026-06-14T12:55:00Z
1
value 0.02468
scoring_system epss
scoring_elements 0.85641
published_at 2026-06-12T12:55:00Z
2
value 0.02468
scoring_system epss
scoring_elements 0.8565
published_at 2026-06-13T12:55:00Z
3
value 0.02468
scoring_system epss
scoring_elements 0.85589
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6134
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/commit/15a21bf8e4fb71f006ba9caf25b9c9d1d152cd20
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/15a21bf8e4fb71f006ba9caf25b9c9d1d152cd20
5
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-cvg2-7c3j-g36j
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-cvg2-7c3j-g36j
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6134
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-6134
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2249673
reference_id 2249673
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2249673
8
reference_url https://github.com/advisories/GHSA-cvg2-7c3j-g36j
reference_id GHSA-cvg2-7c3j-g36j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvg2-7c3j-g36j
9
reference_url https://access.redhat.com/errata/RHSA-2023:7854
reference_id RHSA-2023:7854
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:7854
10
reference_url https://access.redhat.com/errata/RHSA-2023:7855
reference_id RHSA-2023:7855
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:7855
11
reference_url https://access.redhat.com/errata/RHSA-2023:7856
reference_id RHSA-2023:7856
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:7856
12
reference_url https://access.redhat.com/errata/RHSA-2023:7857
reference_id RHSA-2023:7857
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:7857
13
reference_url https://access.redhat.com/errata/RHSA-2023:7858
reference_id RHSA-2023:7858
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:7858
14
reference_url https://access.redhat.com/errata/RHSA-2023:7860
reference_id RHSA-2023:7860
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:7860
15
reference_url https://access.redhat.com/errata/RHSA-2023:7861
reference_id RHSA-2023:7861
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:7861
16
reference_url https://access.redhat.com/errata/RHSA-2024:0798
reference_id RHSA-2024:0798
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0798
17
reference_url https://access.redhat.com/errata/RHSA-2024:0799
reference_id RHSA-2024:0799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0799
18
reference_url https://access.redhat.com/errata/RHSA-2024:0800
reference_id RHSA-2024:0800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0800
19
reference_url https://access.redhat.com/errata/RHSA-2024:0801
reference_id RHSA-2024:0801
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0801
20
reference_url https://access.redhat.com/errata/RHSA-2024:0804
reference_id RHSA-2024:0804
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0804
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@23.0.0
purl pkg:maven/org.keycloak/keycloak-core@23.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-m7ec-ad95-87aa
4
vulnerability VCID-sg1r-gdub-fba1
5
vulnerability VCID-yb4r-xbbq-47en
6
vulnerability VCID-z5qm-jh27-skdr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@23.0.0
aliases CVE-2023-6134, GHSA-cvg2-7c3j-g36j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utd3-fu1x-augq
41
url VCID-w5wa-m47v-7fhy
vulnerability_id VCID-w5wa-m47v-7fhy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1744.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1744.json
1
reference_url https://access.redhat.com/security/cve/CVE-2020-1744
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2020-1744
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1744
reference_id
reference_type
scores
0
value 0.00192
scoring_system epss
scoring_elements 0.40984
published_at 2026-06-11T12:55:00Z
1
value 0.00192
scoring_system epss
scoring_elements 0.41151
published_at 2026-06-12T12:55:00Z
2
value 0.00192
scoring_system epss
scoring_elements 0.41172
published_at 2026-06-13T12:55:00Z
3
value 0.00192
scoring_system epss
scoring_elements 0.41162
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1744
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744
4
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1744
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1744
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1805792
reference_id 1805792
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1805792
7
reference_url https://github.com/advisories/GHSA-4gf2-xv97-63m2
reference_id GHSA-4gf2-xv97-63m2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4gf2-xv97-63m2
8
reference_url https://access.redhat.com/errata/RHSA-2020:0945
reference_id RHSA-2020:0945
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0945
9
reference_url https://access.redhat.com/errata/RHSA-2020:0946
reference_id RHSA-2020:0946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0946
10
reference_url https://access.redhat.com/errata/RHSA-2020:0947
reference_id RHSA-2020:0947
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0947
11
reference_url https://access.redhat.com/errata/RHSA-2020:0951
reference_id RHSA-2020:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0951
12
reference_url https://access.redhat.com/errata/RHSA-2020:2252
reference_id RHSA-2020:2252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2252
13
reference_url https://access.redhat.com/errata/RHSA-2020:2905
reference_id RHSA-2020:2905
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2905
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@9.0.1
purl pkg:maven/org.keycloak/keycloak-core@9.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h3bz-fuss-bydx
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.1
1
url pkg:maven/org.keycloak/keycloak-core@9.0.2
purl pkg:maven/org.keycloak/keycloak-core@9.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-3jtq-par5-tuax
3
vulnerability VCID-3mcs-n479-zydu
4
vulnerability VCID-7q52-ujxg-pyg4
5
vulnerability VCID-7xus-anmm-9ba3
6
vulnerability VCID-b99p-3rqx-v7b4
7
vulnerability VCID-bvmd-z1hf-5yef
8
vulnerability VCID-c2nr-hks8-4qg1
9
vulnerability VCID-cbrs-98sn-mqfq
10
vulnerability VCID-czc3-kxs3-yfdt
11
vulnerability VCID-db3z-zawx-kuc4
12
vulnerability VCID-ejyg-88gf-sfbh
13
vulnerability VCID-fmep-x7k1-37aj
14
vulnerability VCID-h6ky-xtx2-augv
15
vulnerability VCID-kdwj-wspq-1ket
16
vulnerability VCID-kyss-1ab7-77ef
17
vulnerability VCID-m7ec-ad95-87aa
18
vulnerability VCID-q1jj-f5rg-57b1
19
vulnerability VCID-qbxs-9gb1-dbe3
20
vulnerability VCID-sbyx-da8j-mqfx
21
vulnerability VCID-sg1r-gdub-fba1
22
vulnerability VCID-u9df-phf1-83gr
23
vulnerability VCID-utd3-fu1x-augq
24
vulnerability VCID-wfeg-6241-cucs
25
vulnerability VCID-yb4r-xbbq-47en
26
vulnerability VCID-ymg3-rjrx-pkan
27
vulnerability VCID-z5qm-jh27-skdr
28
vulnerability VCID-z5yv-y145-abeh
29
vulnerability VCID-z8cr-qt2v-rkgn
30
vulnerability VCID-zha3-5yra-sfae
31
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.2
aliases CVE-2020-1744, GHSA-4gf2-xv97-63m2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w5wa-m47v-7fhy
42
url VCID-wfeg-6241-cucs
vulnerability_id VCID-wfeg-6241-cucs
summary A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6291.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6291.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6291
reference_id
reference_type
scores
0
value 0.00181
scoring_system epss
scoring_elements 0.39684
published_at 2026-06-14T12:55:00Z
1
value 0.00181
scoring_system epss
scoring_elements 0.39694
published_at 2026-06-13T12:55:00Z
2
value 0.00181
scoring_system epss
scoring_elements 0.39499
published_at 2026-06-11T12:55:00Z
3
value 0.00181
scoring_system epss
scoring_elements 0.3967
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6291
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://github.com/keycloak/keycloak/commit/b2e91105315ccf2c1df549b4f6c5948322cbfd1b
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/b2e91105315ccf2c1df549b4f6c5948322cbfd1b
4
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-mpwq-j3xf-7m5w
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-mpwq-j3xf-7m5w
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6291
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-6291
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22
reference_id cpe:/a:redhat:build_keycloak:22
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9
reference_id cpe:/a:redhat:build_keycloak:22::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
reference_id cpe:/a:redhat:jboss_data_grid:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
reference_id cpe:/a:redhat:jboss_data_grid:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:6
reference_id cpe:/a:redhat:migration_toolkit_applications:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:6
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:7
reference_id cpe:/a:redhat:migration_toolkit_applications:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:7
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.6
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6.6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.6
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
reference_id cpe:/a:redhat:serverless:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
23
reference_url https://access.redhat.com/security/cve/CVE-2023-6291
reference_id CVE-2023-6291
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/security/cve/CVE-2023-6291
24
reference_url https://github.com/advisories/GHSA-mpwq-j3xf-7m5w
reference_id GHSA-mpwq-j3xf-7m5w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mpwq-j3xf-7m5w
25
reference_url https://access.redhat.com/errata/RHSA-2023:7854
reference_id RHSA-2023:7854
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2023:7854
26
reference_url https://access.redhat.com/errata/RHSA-2023:7855
reference_id RHSA-2023:7855
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2023:7855
27
reference_url https://access.redhat.com/errata/RHSA-2023:7856
reference_id RHSA-2023:7856
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2023:7856
28
reference_url https://access.redhat.com/errata/RHSA-2023:7857
reference_id RHSA-2023:7857
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2023:7857
29
reference_url https://access.redhat.com/errata/RHSA-2023:7858
reference_id RHSA-2023:7858
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2023:7858
30
reference_url https://access.redhat.com/errata/RHSA-2023:7860
reference_id RHSA-2023:7860
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2023:7860
31
reference_url https://access.redhat.com/errata/RHSA-2023:7861
reference_id RHSA-2023:7861
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2023:7861
32
reference_url https://access.redhat.com/errata/RHSA-2024:0798
reference_id RHSA-2024:0798
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2024:0798
33
reference_url https://access.redhat.com/errata/RHSA-2024:0799
reference_id RHSA-2024:0799
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2024:0799
34
reference_url https://access.redhat.com/errata/RHSA-2024:0800
reference_id RHSA-2024:0800
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2024:0800
35
reference_url https://access.redhat.com/errata/RHSA-2024:0801
reference_id RHSA-2024:0801
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2024:0801
36
reference_url https://access.redhat.com/errata/RHSA-2024:0804
reference_id RHSA-2024:0804
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://access.redhat.com/errata/RHSA-2024:0804
37
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2251407
reference_id show_bug.cgi?id=2251407
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2251407
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@23.0.0
purl pkg:maven/org.keycloak/keycloak-core@23.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-m7ec-ad95-87aa
4
vulnerability VCID-sg1r-gdub-fba1
5
vulnerability VCID-yb4r-xbbq-47en
6
vulnerability VCID-z5qm-jh27-skdr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@23.0.0
aliases CVE-2023-6291, GHSA-mpwq-j3xf-7m5w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfeg-6241-cucs
43
url VCID-wg5v-btsv-2fcz
vulnerability_id VCID-wg5v-btsv-2fcz
summary keycloak-core discloses system properties
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2582.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2582.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2582
reference_id
reference_type
scores
0
value 0.00629
scoring_system epss
scoring_elements 0.70844
published_at 2026-06-12T12:55:00Z
1
value 0.00629
scoring_system epss
scoring_elements 0.70754
published_at 2026-06-11T12:55:00Z
2
value 0.00629
scoring_system epss
scoring_elements 0.70855
published_at 2026-06-14T12:55:00Z
3
value 0.00629
scoring_system epss
scoring_elements 0.70857
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2582
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582
3
reference_url http://www.securityfocus.com/bid/101046
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101046
4
reference_url http://www.securitytracker.com/id/1041707
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041707
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1410481
reference_id 1410481
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1410481
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2582
reference_id CVE-2017-2582
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2582
7
reference_url https://github.com/advisories/GHSA-c77r-6f64-478q
reference_id GHSA-c77r-6f64-478q
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-c77r-6f64-478q
8
reference_url https://access.redhat.com/errata/RHSA-2017:3216
reference_id RHSA-2017:3216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3216
9
reference_url https://access.redhat.com/errata/RHSA-2017:3217
reference_id RHSA-2017:3217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3217
10
reference_url https://access.redhat.com/errata/RHSA-2017:3218
reference_id RHSA-2017:3218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3218
11
reference_url https://access.redhat.com/errata/RHSA-2017:3219
reference_id RHSA-2017:3219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3219
12
reference_url https://access.redhat.com/errata/RHSA-2017:3220
reference_id RHSA-2017:3220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3220
13
reference_url https://access.redhat.com/errata/RHSA-2018:2740
reference_id RHSA-2018:2740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2740
14
reference_url https://access.redhat.com/errata/RHSA-2018:2741
reference_id RHSA-2018:2741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2741
15
reference_url https://access.redhat.com/errata/RHSA-2018:2742
reference_id RHSA-2018:2742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2742
16
reference_url https://access.redhat.com/errata/RHSA-2018:2743
reference_id RHSA-2018:2743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2743
17
reference_url https://access.redhat.com/errata/RHSA-2019:0136
reference_id RHSA-2019:0136
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0136
18
reference_url https://access.redhat.com/errata/RHSA-2019:0137
reference_id RHSA-2019:0137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0137
19
reference_url https://access.redhat.com/errata/RHSA-2019:0139
reference_id RHSA-2019:0139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0139
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@2.5.1.Final
purl pkg:maven/org.keycloak/keycloak-core@2.5.1.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7tca-nfme-37ek
10
vulnerability VCID-7xus-anmm-9ba3
11
vulnerability VCID-b99p-3rqx-v7b4
12
vulnerability VCID-bvmd-z1hf-5yef
13
vulnerability VCID-c2nr-hks8-4qg1
14
vulnerability VCID-cbrs-98sn-mqfq
15
vulnerability VCID-cxjv-a4yf-2bgs
16
vulnerability VCID-czc3-kxs3-yfdt
17
vulnerability VCID-ejyg-88gf-sfbh
18
vulnerability VCID-f84p-b838-8qge
19
vulnerability VCID-fmep-x7k1-37aj
20
vulnerability VCID-h6ky-xtx2-augv
21
vulnerability VCID-hvwy-pv1y-sqeg
22
vulnerability VCID-k78b-wwvc-e3as
23
vulnerability VCID-kdwj-wspq-1ket
24
vulnerability VCID-kyss-1ab7-77ef
25
vulnerability VCID-m7ec-ad95-87aa
26
vulnerability VCID-mb69-adq5-aqdy
27
vulnerability VCID-q1jj-f5rg-57b1
28
vulnerability VCID-qbxs-9gb1-dbe3
29
vulnerability VCID-qwr8-j8k6-fqew
30
vulnerability VCID-rbre-2rk4-e3gr
31
vulnerability VCID-sbyx-da8j-mqfx
32
vulnerability VCID-sg1r-gdub-fba1
33
vulnerability VCID-t4zx-ktg9-zue4
34
vulnerability VCID-tzwz-7xr4-qud3
35
vulnerability VCID-u9df-phf1-83gr
36
vulnerability VCID-ubx3-wzt9-p3fc
37
vulnerability VCID-utd3-fu1x-augq
38
vulnerability VCID-w5wa-m47v-7fhy
39
vulnerability VCID-wfeg-6241-cucs
40
vulnerability VCID-x6m8-gkbc-4kec
41
vulnerability VCID-x77r-6nax-tqg6
42
vulnerability VCID-xf39-m1jv-zbfj
43
vulnerability VCID-yb4r-xbbq-47en
44
vulnerability VCID-ymg3-rjrx-pkan
45
vulnerability VCID-z5qm-jh27-skdr
46
vulnerability VCID-z5yv-y145-abeh
47
vulnerability VCID-z8cr-qt2v-rkgn
48
vulnerability VCID-zha3-5yra-sfae
49
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1.Final
1
url pkg:maven/org.keycloak/keycloak-core@2.5.1
purl pkg:maven/org.keycloak/keycloak-core@2.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1
aliases CVE-2017-2582, GHSA-c77r-6f64-478q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wg5v-btsv-2fcz
44
url VCID-x6m8-gkbc-4kec
vulnerability_id VCID-x6m8-gkbc-4kec
summary Improper Verification of Cryptographic Signature in keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10201.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10201.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10201
reference_id
reference_type
scores
0
value 0.00136
scoring_system epss
scoring_elements 0.33443
published_at 2026-06-12T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.33261
published_at 2026-06-11T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33439
published_at 2026-06-14T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.33464
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10201
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1728609
reference_id 1728609
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1728609
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10201
reference_id CVE-2019-10201
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10201
5
reference_url https://github.com/advisories/GHSA-4fgq-gq9g-3rw7
reference_id GHSA-4fgq-gq9g-3rw7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4fgq-gq9g-3rw7
6
reference_url https://access.redhat.com/errata/RHSA-2019:2483
reference_id RHSA-2019:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2483
7
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
8
reference_url https://access.redhat.com/errata/RHSA-2020:2366
reference_id RHSA-2020:2366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2366
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@7.0.0
purl pkg:maven/org.keycloak/keycloak-core@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7xus-anmm-9ba3
10
vulnerability VCID-b99p-3rqx-v7b4
11
vulnerability VCID-bvmd-z1hf-5yef
12
vulnerability VCID-c2nr-hks8-4qg1
13
vulnerability VCID-cbrs-98sn-mqfq
14
vulnerability VCID-cxjv-a4yf-2bgs
15
vulnerability VCID-czc3-kxs3-yfdt
16
vulnerability VCID-ejyg-88gf-sfbh
17
vulnerability VCID-fmep-x7k1-37aj
18
vulnerability VCID-h6ky-xtx2-augv
19
vulnerability VCID-hvwy-pv1y-sqeg
20
vulnerability VCID-kdwj-wspq-1ket
21
vulnerability VCID-kyss-1ab7-77ef
22
vulnerability VCID-m7ec-ad95-87aa
23
vulnerability VCID-mb69-adq5-aqdy
24
vulnerability VCID-q1jj-f5rg-57b1
25
vulnerability VCID-qbxs-9gb1-dbe3
26
vulnerability VCID-sbyx-da8j-mqfx
27
vulnerability VCID-sg1r-gdub-fba1
28
vulnerability VCID-t4zx-ktg9-zue4
29
vulnerability VCID-u9df-phf1-83gr
30
vulnerability VCID-utd3-fu1x-augq
31
vulnerability VCID-w5wa-m47v-7fhy
32
vulnerability VCID-wfeg-6241-cucs
33
vulnerability VCID-yb4r-xbbq-47en
34
vulnerability VCID-ymg3-rjrx-pkan
35
vulnerability VCID-z5qm-jh27-skdr
36
vulnerability VCID-z5yv-y145-abeh
37
vulnerability VCID-z8cr-qt2v-rkgn
38
vulnerability VCID-zha3-5yra-sfae
39
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@7.0.0
aliases CVE-2019-10201, GHSA-4fgq-gq9g-3rw7
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x6m8-gkbc-4kec
45
url VCID-x77r-6nax-tqg6
vulnerability_id VCID-x77r-6nax-tqg6
summary Exposure of Sensitive Information to an Unauthorized Actor in Keycloak
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:1140
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:1140
1
reference_url https://access.redhat.com/errata/RHSA-2019:2998
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2998
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3868.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3868.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3868
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.51369
published_at 2026-06-13T12:55:00Z
1
value 0.00275
scoring_system epss
scoring_elements 0.51225
published_at 2026-06-11T12:55:00Z
2
value 0.00275
scoring_system epss
scoring_elements 0.51356
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3868
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3868
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3868
5
reference_url http://www.securityfocus.com/bid/108061
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/108061
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1679144
reference_id 1679144
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1679144
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3868
reference_id CVE-2019-3868
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3868
8
reference_url https://github.com/advisories/GHSA-gc52-xj6p-9pxp
reference_id GHSA-gc52-xj6p-9pxp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gc52-xj6p-9pxp
9
reference_url https://access.redhat.com/errata/RHSA-2019:0856
reference_id RHSA-2019:0856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0856
10
reference_url https://access.redhat.com/errata/RHSA-2019:0857
reference_id RHSA-2019:0857
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0857
11
reference_url https://access.redhat.com/errata/RHSA-2019:0868
reference_id RHSA-2019:0868
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0868
12
reference_url https://access.redhat.com/errata/RHSA-2020:2366
reference_id RHSA-2020:2366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2366
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@6.0.0
purl pkg:maven/org.keycloak/keycloak-core@6.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7xus-anmm-9ba3
10
vulnerability VCID-b99p-3rqx-v7b4
11
vulnerability VCID-bvmd-z1hf-5yef
12
vulnerability VCID-c2nr-hks8-4qg1
13
vulnerability VCID-cbrs-98sn-mqfq
14
vulnerability VCID-cxjv-a4yf-2bgs
15
vulnerability VCID-czc3-kxs3-yfdt
16
vulnerability VCID-ejyg-88gf-sfbh
17
vulnerability VCID-fmep-x7k1-37aj
18
vulnerability VCID-h6ky-xtx2-augv
19
vulnerability VCID-hvwy-pv1y-sqeg
20
vulnerability VCID-kdwj-wspq-1ket
21
vulnerability VCID-kyss-1ab7-77ef
22
vulnerability VCID-m7ec-ad95-87aa
23
vulnerability VCID-mb69-adq5-aqdy
24
vulnerability VCID-q1jj-f5rg-57b1
25
vulnerability VCID-qbxs-9gb1-dbe3
26
vulnerability VCID-qwr8-j8k6-fqew
27
vulnerability VCID-sbyx-da8j-mqfx
28
vulnerability VCID-sg1r-gdub-fba1
29
vulnerability VCID-t4zx-ktg9-zue4
30
vulnerability VCID-u9df-phf1-83gr
31
vulnerability VCID-utd3-fu1x-augq
32
vulnerability VCID-w5wa-m47v-7fhy
33
vulnerability VCID-wfeg-6241-cucs
34
vulnerability VCID-x6m8-gkbc-4kec
35
vulnerability VCID-xf39-m1jv-zbfj
36
vulnerability VCID-yb4r-xbbq-47en
37
vulnerability VCID-ymg3-rjrx-pkan
38
vulnerability VCID-z5qm-jh27-skdr
39
vulnerability VCID-z5yv-y145-abeh
40
vulnerability VCID-z8cr-qt2v-rkgn
41
vulnerability VCID-zha3-5yra-sfae
42
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@6.0.0
aliases CVE-2019-3868, GHSA-gc52-xj6p-9pxp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x77r-6nax-tqg6
46
url VCID-xf39-m1jv-zbfj
vulnerability_id VCID-xf39-m1jv-zbfj
summary Improper Input Validation and Cross-Site Request Forgery in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10199.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10199.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10199
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26567
published_at 2026-06-12T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26365
published_at 2026-06-11T12:55:00Z
2
value 0.00095
scoring_system epss
scoring_elements 0.26569
published_at 2026-06-14T12:55:00Z
3
value 0.00095
scoring_system epss
scoring_elements 0.26583
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10199
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10199
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10199
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1729261
reference_id 1729261
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1729261
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10199
reference_id CVE-2019-10199
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10199
6
reference_url https://github.com/advisories/GHSA-p5xp-6vpf-jwvh
reference_id GHSA-p5xp-6vpf-jwvh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p5xp-6vpf-jwvh
7
reference_url https://access.redhat.com/errata/RHSA-2019:2483
reference_id RHSA-2019:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2483
8
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
9
reference_url https://access.redhat.com/errata/RHSA-2020:2366
reference_id RHSA-2020:2366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2366
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@7.0.0
purl pkg:maven/org.keycloak/keycloak-core@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-1twj-46mj-vbeg
2
vulnerability VCID-27n8-twqe-c7hg
3
vulnerability VCID-3jtq-par5-tuax
4
vulnerability VCID-3mcs-n479-zydu
5
vulnerability VCID-49ev-wsaa-4bbn
6
vulnerability VCID-551s-5jc8-x7g4
7
vulnerability VCID-6kkn-nm8v-u3a4
8
vulnerability VCID-7q52-ujxg-pyg4
9
vulnerability VCID-7xus-anmm-9ba3
10
vulnerability VCID-b99p-3rqx-v7b4
11
vulnerability VCID-bvmd-z1hf-5yef
12
vulnerability VCID-c2nr-hks8-4qg1
13
vulnerability VCID-cbrs-98sn-mqfq
14
vulnerability VCID-cxjv-a4yf-2bgs
15
vulnerability VCID-czc3-kxs3-yfdt
16
vulnerability VCID-ejyg-88gf-sfbh
17
vulnerability VCID-fmep-x7k1-37aj
18
vulnerability VCID-h6ky-xtx2-augv
19
vulnerability VCID-hvwy-pv1y-sqeg
20
vulnerability VCID-kdwj-wspq-1ket
21
vulnerability VCID-kyss-1ab7-77ef
22
vulnerability VCID-m7ec-ad95-87aa
23
vulnerability VCID-mb69-adq5-aqdy
24
vulnerability VCID-q1jj-f5rg-57b1
25
vulnerability VCID-qbxs-9gb1-dbe3
26
vulnerability VCID-sbyx-da8j-mqfx
27
vulnerability VCID-sg1r-gdub-fba1
28
vulnerability VCID-t4zx-ktg9-zue4
29
vulnerability VCID-u9df-phf1-83gr
30
vulnerability VCID-utd3-fu1x-augq
31
vulnerability VCID-w5wa-m47v-7fhy
32
vulnerability VCID-wfeg-6241-cucs
33
vulnerability VCID-yb4r-xbbq-47en
34
vulnerability VCID-ymg3-rjrx-pkan
35
vulnerability VCID-z5qm-jh27-skdr
36
vulnerability VCID-z5yv-y145-abeh
37
vulnerability VCID-z8cr-qt2v-rkgn
38
vulnerability VCID-zha3-5yra-sfae
39
vulnerability VCID-ztxp-j5gt-4qdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@7.0.0
aliases CVE-2019-10199, GHSA-p5xp-6vpf-jwvh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xf39-m1jv-zbfj
47
url VCID-yb4r-xbbq-47en
vulnerability_id VCID-yb4r-xbbq-47en
summary keycloak-core: open redirect via "form_post.jwt" JARM response mode
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:0097
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2024:0097
1
reference_url https://access.redhat.com/errata/RHSA-2024:0098
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2024:0098
2
reference_url https://access.redhat.com/errata/RHSA-2024:0100
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2024:0100
3
reference_url https://access.redhat.com/errata/RHSA-2024:0101
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2024:0101
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6927.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6927.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6927
reference_id
reference_type
scores
0
value 0.00838
scoring_system epss
scoring_elements 0.75203
published_at 2026-06-14T12:55:00Z
1
value 0.00838
scoring_system epss
scoring_elements 0.75123
published_at 2026-06-11T12:55:00Z
2
value 0.00838
scoring_system epss
scoring_elements 0.75194
published_at 2026-06-12T12:55:00Z
3
value 0.00838
scoring_system epss
scoring_elements 0.75207
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6927
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2255027
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2255027
7
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
8
reference_url https://access.redhat.com/security/cve/CVE-2023-6927
reference_id CVE-2023-6927
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-6927
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6927
reference_id CVE-2023-6927
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-6927
10
reference_url https://github.com/advisories/GHSA-9vm7-v8wj-3fqw
reference_id GHSA-9vm7-v8wj-3fqw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9vm7-v8wj-3fqw
11
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-9vm7-v8wj-3fqw
reference_id GHSA-9vm7-v8wj-3fqw
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-9vm7-v8wj-3fqw
12
reference_url https://access.redhat.com/errata/RHSA-2024:0094
reference_id RHSA-2024:0094
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2024:0094
13
reference_url https://access.redhat.com/errata/RHSA-2024:0095
reference_id RHSA-2024:0095
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2024:0095
14
reference_url https://access.redhat.com/errata/RHSA-2024:0096
reference_id RHSA-2024:0096
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2024:0096
15
reference_url https://access.redhat.com/errata/RHSA-2024:0798
reference_id RHSA-2024:0798
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0798
16
reference_url https://access.redhat.com/errata/RHSA-2024:0799
reference_id RHSA-2024:0799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0799
17
reference_url https://access.redhat.com/errata/RHSA-2024:0800
reference_id RHSA-2024:0800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0800
18
reference_url https://access.redhat.com/errata/RHSA-2024:0801
reference_id RHSA-2024:0801
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0801
19
reference_url https://access.redhat.com/errata/RHSA-2024:0804
reference_id RHSA-2024:0804
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0804
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@23.0.4
purl pkg:maven/org.keycloak/keycloak-core@23.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-m7ec-ad95-87aa
4
vulnerability VCID-sg1r-gdub-fba1
5
vulnerability VCID-z5qm-jh27-skdr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@23.0.4
aliases CVE-2023-6927, GHSA-9vm7-v8wj-3fqw, GMS-2024-51
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yb4r-xbbq-47en
48
url VCID-ymg3-rjrx-pkan
vulnerability_id VCID-ymg3-rjrx-pkan
summary Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown
references
0
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
1
reference_url https://github.com/advisories/GHSA-755v-r4x4-qf7m
reference_id GHSA-755v-r4x4-qf7m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-755v-r4x4-qf7m
2
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m
reference_id GHSA-755v-r4x4-qf7m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@20.0.0
purl pkg:maven/org.keycloak/keycloak-core@20.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-ejyg-88gf-sfbh
5
vulnerability VCID-m7ec-ad95-87aa
6
vulnerability VCID-sg1r-gdub-fba1
7
vulnerability VCID-utd3-fu1x-augq
8
vulnerability VCID-wfeg-6241-cucs
9
vulnerability VCID-yb4r-xbbq-47en
10
vulnerability VCID-z5qm-jh27-skdr
11
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@20.0.0
aliases GHSA-755v-r4x4-qf7m, GMS-2022-7509
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymg3-rjrx-pkan
49
url VCID-z5qm-jh27-skdr
vulnerability_id VCID-z5qm-jh27-skdr
summary A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when the application send back rows with long attribute values.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6841.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6841.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6841
reference_id
reference_type
scores
0
value 0.00613
scoring_system epss
scoring_elements 0.70445
published_at 2026-06-14T12:55:00Z
1
value 0.00613
scoring_system epss
scoring_elements 0.70343
published_at 2026-06-11T12:55:00Z
2
value 0.00613
scoring_system epss
scoring_elements 0.70433
published_at 2026-06-12T12:55:00Z
3
value 0.00613
scoring_system epss
scoring_elements 0.70447
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6841
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://github.com/keycloak/keycloak/issues/32837
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/issues/32837
4
reference_url https://github.com/keycloak/keycloak/releases/tag/24.0.0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/releases/tag/24.0.0
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:mobile_application_platform:4
reference_id cpe:/a:redhat:mobile_application_platform:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:mobile_application_platform:4
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
reference_id cpe:/a:redhat:openshift_application_runtimes:1.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
10
reference_url https://access.redhat.com/security/cve/CVE-2023-6841
reference_id CVE-2023-6841
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T20:20:35Z/
url https://access.redhat.com/security/cve/CVE-2023-6841
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6841
reference_id CVE-2023-6841
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-6841
12
reference_url https://github.com/advisories/GHSA-w97f-w3hq-36g2
reference_id GHSA-w97f-w3hq-36g2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w97f-w3hq-36g2
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2254714
reference_id show_bug.cgi?id=2254714
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T20:20:35Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2254714
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@24.0.0
purl pkg:maven/org.keycloak/keycloak-core@24.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-m7ec-ad95-87aa
4
vulnerability VCID-sg1r-gdub-fba1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@24.0.0
aliases CVE-2023-6841, GHSA-w97f-w3hq-36g2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z5qm-jh27-skdr
50
url VCID-z5yv-y145-abeh
vulnerability_id VCID-z5yv-y145-abeh
summary A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35509.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35509.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35509
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.25195
published_at 2026-06-14T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.2499
published_at 2026-06-11T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.2519
published_at 2026-06-12T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.25208
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35509
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912427
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1912427
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76
5
reference_url https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb
6
reference_url https://github.com/keycloak/keycloak/pull/6330
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/6330
7
reference_url https://github.com/keycloak/keycloak/pull/8067
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/8067
8
reference_url https://security.archlinux.org/ASA-202106-53
reference_id ASA-202106-53
reference_type
scores
url https://security.archlinux.org/ASA-202106-53
9
reference_url https://security.archlinux.org/AVG-2084
reference_id AVG-2084
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2084
10
reference_url https://access.redhat.com/security/cve/cve-2020-35509
reference_id cve-2020-35509
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-30T19:38:02Z/
url https://access.redhat.com/security/cve/cve-2020-35509
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-35509
reference_id CVE-2020-35509
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-35509
12
reference_url https://github.com/advisories/GHSA-rpj2-w6fr-79hc
reference_id GHSA-rpj2-w6fr-79hc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rpj2-w6fr-79hc
13
reference_url https://access.redhat.com/errata/RHSA-2021:3527
reference_id RHSA-2021:3527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3527
14
reference_url https://access.redhat.com/errata/RHSA-2021:3528
reference_id RHSA-2021:3528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3528
15
reference_url https://access.redhat.com/errata/RHSA-2021:3529
reference_id RHSA-2021:3529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3529
16
reference_url https://access.redhat.com/errata/RHSA-2021:3534
reference_id RHSA-2021:3534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3534
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@14.0.0
purl pkg:maven/org.keycloak/keycloak-core@14.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@14.0.0
aliases CVE-2020-35509, GHSA-rpj2-w6fr-79hc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z5yv-y145-abeh
51
url VCID-z8cr-qt2v-rkgn
vulnerability_id VCID-z8cr-qt2v-rkgn
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27838.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27838.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27838
reference_id
reference_type
scores
0
value 0.85144
scoring_system epss
scoring_elements 0.99377
published_at 2026-06-13T12:55:00Z
1
value 0.85144
scoring_system epss
scoring_elements 0.99376
published_at 2026-06-14T12:55:00Z
2
value 0.85144
scoring_system epss
scoring_elements 0.99374
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27838
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1906797
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1906797
3
reference_url https://github.com/keycloak/keycloak/commit/9356843c6c3d7097d010b3bb6f91e25fcaba378c
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/9356843c6c3d7097d010b3bb6f91e25fcaba378c
4
reference_url https://github.com/keycloak/keycloak/pull/7790
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/7790
5
reference_url https://security.archlinux.org/ASA-202105-6
reference_id ASA-202105-6
reference_type
scores
url https://security.archlinux.org/ASA-202105-6
6
reference_url https://security.archlinux.org/AVG-1926
reference_id AVG-1926
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1926
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-27838
reference_id CVE-2020-27838
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-27838
8
reference_url https://github.com/advisories/GHSA-pcv5-m2wh-66j3
reference_id GHSA-pcv5-m2wh-66j3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pcv5-m2wh-66j3
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@13.0.0
purl pkg:maven/org.keycloak/keycloak-core@13.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-c2nr-hks8-4qg1
4
vulnerability VCID-czc3-kxs3-yfdt
5
vulnerability VCID-ejyg-88gf-sfbh
6
vulnerability VCID-kdwj-wspq-1ket
7
vulnerability VCID-m7ec-ad95-87aa
8
vulnerability VCID-q1jj-f5rg-57b1
9
vulnerability VCID-sg1r-gdub-fba1
10
vulnerability VCID-u9df-phf1-83gr
11
vulnerability VCID-utd3-fu1x-augq
12
vulnerability VCID-wfeg-6241-cucs
13
vulnerability VCID-yb4r-xbbq-47en
14
vulnerability VCID-ymg3-rjrx-pkan
15
vulnerability VCID-z5qm-jh27-skdr
16
vulnerability VCID-z5yv-y145-abeh
17
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0
aliases CVE-2020-27838, GHSA-pcv5-m2wh-66j3
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8cr-qt2v-rkgn
52
url VCID-zha3-5yra-sfae
vulnerability_id VCID-zha3-5yra-sfae
summary A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0091.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0091.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0091
reference_id
reference_type
scores
0
value 0.00291
scoring_system epss
scoring_elements 0.53004
published_at 2026-06-14T12:55:00Z
1
value 0.00291
scoring_system epss
scoring_elements 0.52877
published_at 2026-06-11T12:55:00Z
2
value 0.00291
scoring_system epss
scoring_elements 0.53006
published_at 2026-06-12T12:55:00Z
3
value 0.00291
scoring_system epss
scoring_elements 0.53021
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0091
2
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
3
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0091
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0091
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2158585
reference_id 2158585
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2158585
6
reference_url https://access.redhat.com/security/cve/CVE-2023-0091
reference_id CVE-2023-0091
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:08:50Z/
url https://access.redhat.com/security/cve/CVE-2023-0091
7
reference_url https://github.com/advisories/GHSA-v436-q368-hvgg
reference_id GHSA-v436-q368-hvgg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v436-q368-hvgg
8
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id RHSA-2023:1043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1043
9
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id RHSA-2023:1044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1044
10
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id RHSA-2023:1045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1045
11
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id RHSA-2023:1047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1047
12
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id RHSA-2023:1049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1049
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@20.0.3
purl pkg:maven/org.keycloak/keycloak-core@20.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jtq-par5-tuax
1
vulnerability VCID-b99p-3rqx-v7b4
2
vulnerability VCID-bvmd-z1hf-5yef
3
vulnerability VCID-ejyg-88gf-sfbh
4
vulnerability VCID-m7ec-ad95-87aa
5
vulnerability VCID-sg1r-gdub-fba1
6
vulnerability VCID-utd3-fu1x-augq
7
vulnerability VCID-wfeg-6241-cucs
8
vulnerability VCID-yb4r-xbbq-47en
9
vulnerability VCID-z5qm-jh27-skdr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@20.0.3
aliases CVE-2023-0091, GHSA-v436-q368-hvgg, GMS-2023-37
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zha3-5yra-sfae
53
url VCID-ztxp-j5gt-4qdb
vulnerability_id VCID-ztxp-j5gt-4qdb
summary Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1758.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1758.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1758
reference_id
reference_type
scores
0
value 0.00254
scoring_system epss
scoring_elements 0.49187
published_at 2026-06-12T12:55:00Z
1
value 0.00254
scoring_system epss
scoring_elements 0.4905
published_at 2026-06-11T12:55:00Z
2
value 0.00254
scoring_system epss
scoring_elements 0.49195
published_at 2026-06-14T12:55:00Z
3
value 0.00254
scoring_system epss
scoring_elements 0.49205
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1758
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1758
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1758
3
reference_url https://issues.redhat.com/browse/KEYCLOAK-13285
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/KEYCLOAK-13285
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1812514
reference_id 1812514
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1812514
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1758
reference_id CVE-2020-1758
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1758
6
reference_url https://github.com/advisories/GHSA-c597-f74m-jgc2
reference_id GHSA-c597-f74m-jgc2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c597-f74m-jgc2
7
reference_url https://access.redhat.com/errata/RHSA-2020:2106
reference_id RHSA-2020:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2106
8
reference_url https://access.redhat.com/errata/RHSA-2020:2107
reference_id RHSA-2020:2107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2107
9
reference_url https://access.redhat.com/errata/RHSA-2020:2108
reference_id RHSA-2020:2108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2108
10
reference_url https://access.redhat.com/errata/RHSA-2020:2112
reference_id RHSA-2020:2112
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2112
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-core@10.0.0
purl pkg:maven/org.keycloak/keycloak-core@10.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ewb-gxkb-j3cn
1
vulnerability VCID-3jtq-par5-tuax
2
vulnerability VCID-3mcs-n479-zydu
3
vulnerability VCID-7q52-ujxg-pyg4
4
vulnerability VCID-7xus-anmm-9ba3
5
vulnerability VCID-b99p-3rqx-v7b4
6
vulnerability VCID-bvmd-z1hf-5yef
7
vulnerability VCID-c2nr-hks8-4qg1
8
vulnerability VCID-cbrs-98sn-mqfq
9
vulnerability VCID-czc3-kxs3-yfdt
10
vulnerability VCID-db3z-zawx-kuc4
11
vulnerability VCID-ejyg-88gf-sfbh
12
vulnerability VCID-fmep-x7k1-37aj
13
vulnerability VCID-h6ky-xtx2-augv
14
vulnerability VCID-kdwj-wspq-1ket
15
vulnerability VCID-kyss-1ab7-77ef
16
vulnerability VCID-m7ec-ad95-87aa
17
vulnerability VCID-q1jj-f5rg-57b1
18
vulnerability VCID-qbxs-9gb1-dbe3
19
vulnerability VCID-sbyx-da8j-mqfx
20
vulnerability VCID-sg1r-gdub-fba1
21
vulnerability VCID-u9df-phf1-83gr
22
vulnerability VCID-utd3-fu1x-augq
23
vulnerability VCID-wfeg-6241-cucs
24
vulnerability VCID-yb4r-xbbq-47en
25
vulnerability VCID-ymg3-rjrx-pkan
26
vulnerability VCID-z5qm-jh27-skdr
27
vulnerability VCID-z5yv-y145-abeh
28
vulnerability VCID-z8cr-qt2v-rkgn
29
vulnerability VCID-zha3-5yra-sfae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@10.0.0
aliases CVE-2020-1758, GHSA-c597-f74m-jgc2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztxp-j5gt-4qdb
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.1.0.Final