{"url":"http://public2.vulnerablecode.io/api/packages/432462?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.2.1.Final","type":"maven","namespace":"org.keycloak","name":"keycloak-core","version":"2.2.1.Final","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.4.3","latest_non_vulnerable_version":"26.0.6","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197328?format=json","vulnerability_id":"VCID-1ewb-gxkb-j3cn","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1714.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1714.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1714","reference_id":"","reference_type":"","scores":[{"value":"0.02152","scoring_system":"epss","scoring_elements":"0.84626","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1714"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/33863ba16117844930a38ebde57a25258f5b80fd","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/33863ba16117844930a38ebde57a25258f5b80fd"},{"reference_url":"https://github.com/keycloak/keycloak/pull/7053","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/7053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705975","reference_id":"1705975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705975"},{"reference_url":"https://security.archlinux.org/ASA-202005-8","reference_id":"ASA-202005-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202005-8"},{"reference_url":"https://security.archlinux.org/AVG-1158","reference_id":"AVG-1158","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1158"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1714","reference_id":"CVE-2020-1714","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1714"},{"reference_url":"https://github.com/advisories/GHSA-m6mm-q862-j366","reference_id":"GHSA-m6mm-q862-j366","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m6mm-q862-j366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2813","reference_id":"RHSA-2020:2813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2814","reference_id":"RHSA-2020:2814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2816","reference_id":"RHSA-2020:2816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2905","reference_id":"RHSA-2020:2905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3017","reference_id":"RHSA-2020:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3675","reference_id":"RHSA-2020:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3678","reference_id":"RHSA-2020:3678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4252","reference_id":"RHSA-2020:4252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5568","reference_id":"RHSA-2020:5568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5568"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19007?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@11.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@11.0.0"}],"aliases":["CVE-2020-1714","GHSA-m6mm-q862-j366"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ewb-gxkb-j3cn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204675?format=json","vulnerability_id":"VCID-1twj-46mj-vbeg","summary":"Improper Restriction of Rendered UI Layers or Frames in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1728.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1728","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32513","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1728"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1728","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1728"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-12264","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-12264"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800585","reference_id":"1800585","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800585"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1728","reference_id":"CVE-2020-1728","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1728"},{"reference_url":"https://github.com/advisories/GHSA-3gg7-9q2x-79fc","reference_id":"GHSA-3gg7-9q2x-79fc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3gg7-9q2x-79fc"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3495","reference_id":"RHSA-2020:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3496","reference_id":"RHSA-2020:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3497","reference_id":"RHSA-2020:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3501","reference_id":"RHSA-2020:3501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3539","reference_id":"RHSA-2020:3539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4213","reference_id":"RHSA-2020:4213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4252","reference_id":"RHSA-2020:4252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4252"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/392326?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@10.0.0"}],"aliases":["CVE-2020-1728","GHSA-3gg7-9q2x-79fc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1twj-46mj-vbeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204670?format=json","vulnerability_id":"VCID-27n8-twqe-c7hg","summary":"Exposure of Sensitive Information to an Unauthorized Actor in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14820.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14820.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14820","reference_id":"","reference_type":"","scores":[{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54617","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14820"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649870","reference_id":"1649870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649870"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14820","reference_id":"CVE-2019-14820","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14820"},{"reference_url":"https://github.com/advisories/GHSA-xfqh-7356-vqjj","reference_id":"GHSA-xfqh-7356-vqjj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xfqh-7356-vqjj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3044","reference_id":"RHSA-2019:3044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3045","reference_id":"RHSA-2019:3045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3046","reference_id":"RHSA-2019:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3048","reference_id":"RHSA-2019:3048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3049","reference_id":"RHSA-2019:3049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3050","reference_id":"RHSA-2019:3050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16374?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0"}],"aliases":["CVE-2019-14820","GHSA-xfqh-7356-vqjj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27n8-twqe-c7hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197255?format=json","vulnerability_id":"VCID-3mcs-n479-zydu","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20202.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20202.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20202","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14509","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20202"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922128","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922128"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-17000","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-17000"},{"reference_url":"https://security.archlinux.org/ASA-202105-6","reference_id":"ASA-202105-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-6"},{"reference_url":"https://security.archlinux.org/AVG-1926","reference_id":"AVG-1926","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1926"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20202","reference_id":"CVE-2021-20202","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20202"},{"reference_url":"https://github.com/advisories/GHSA-6xp6-fmc8-pmmr","reference_id":"GHSA-6xp6-fmc8-pmmr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6xp6-fmc8-pmmr"},{"reference_url":"https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-7gf3-89f6-823j","reference_id":"GHSA-7gf3-89f6-823j","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-7gf3-89f6-823j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19761?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@13.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0"}],"aliases":["CVE-2021-20202","GHSA-6xp6-fmc8-pmmr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mcs-n479-zydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/324630?format=json","vulnerability_id":"VCID-49ev-wsaa-4bbn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1724.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1724.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1724","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33283","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1724"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1724","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1724"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1724","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1724"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800527","reference_id":"1800527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2106","reference_id":"RHSA-2020:2106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2107","reference_id":"RHSA-2020:2107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2108","reference_id":"RHSA-2020:2108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2112","reference_id":"RHSA-2020:2112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2252","reference_id":"RHSA-2020:2252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2905","reference_id":"RHSA-2020:2905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2905"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/385382?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@9.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.2"}],"aliases":["CVE-2020-1724","GHSA-8xj2-47xw-q78c"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-49ev-wsaa-4bbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204671?format=json","vulnerability_id":"VCID-551s-5jc8-x7g4","summary":"XSS in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1697.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1697","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.52023","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1697","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791538","reference_id":"1791538","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791538"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1697","reference_id":"CVE-2020-1697","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1697"},{"reference_url":"https://github.com/advisories/GHSA-8vf3-4w62-m3pq","reference_id":"GHSA-8vf3-4w62-m3pq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8vf3-4w62-m3pq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2252","reference_id":"RHSA-2020:2252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2905","reference_id":"RHSA-2020:2905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2905"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16375?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@9.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.0"}],"aliases":["CVE-2020-1697","GHSA-8vf3-4w62-m3pq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-551s-5jc8-x7g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309291?format=json","vulnerability_id":"VCID-6kkn-nm8v-u3a4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10170.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10170.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10170","reference_id":"","reference_type":"","scores":[{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73433","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10170"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10170","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10170"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10170","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10170"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1721295","reference_id":"1721295","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1721295"},{"reference_url":"https://github.com/advisories/GHSA-7m27-3587-83xf","reference_id":"GHSA-7m27-3587-83xf","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7m27-3587-83xf"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3050","reference_id":"RHSA-2019:3050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3050"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16374?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0"}],"aliases":["CVE-2019-10170","GHSA-7m27-3587-83xf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6kkn-nm8v-u3a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197711?format=json","vulnerability_id":"VCID-7q52-ujxg-pyg4","summary":"privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27826","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37409","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27826"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905089","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905089"},{"reference_url":"https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72"},{"reference_url":"https://security.archlinux.org/AVG-1373","reference_id":"AVG-1373","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1373"},{"reference_url":"https://access.redhat.com/security/cve/cve-2020-27826","reference_id":"CVE-2020-27826","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2020-27826"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27826","reference_id":"CVE-2020-27826","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27826"},{"reference_url":"https://github.com/advisories/GHSA-m9cj-v55f-8x26","reference_id":"GHSA-m9cj-v55f-8x26","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m9cj-v55f-8x26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5526","reference_id":"RHSA-2020:5526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5526"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5527","reference_id":"RHSA-2020:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5528","reference_id":"RHSA-2020:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5533","reference_id":"RHSA-2020:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5533"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19787?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@12.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-gxku-5esb-1qct"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.0"}],"aliases":["CVE-2020-27826","GHSA-m9cj-v55f-8x26"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7q52-ujxg-pyg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30697?format=json","vulnerability_id":"VCID-7tca-nfme-37ek","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14637.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14637.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14637","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53793","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14637"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637"},{"reference_url":"https://github.com/keycloak/keycloak/commit/0fe0b875d63cce3d2855d85d25bb8757bce13eb1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/keycloak/keycloak/commit/0fe0b875d63cce3d2855d85d25bb8757bce13eb1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627851","reference_id":"1627851","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627851"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14637","reference_id":"CVE-2018-14637","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14637"},{"reference_url":"https://github.com/advisories/GHSA-gf2j-7qwg-4f5x","reference_id":"GHSA-gf2j-7qwg-4f5x","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gf2j-7qwg-4f5x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/435018?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@4.6.0.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.6.0.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14617?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@4.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.6.0"}],"aliases":["CVE-2018-14637","GHSA-gf2j-7qwg-4f5x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7tca-nfme-37ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197689?format=json","vulnerability_id":"VCID-7xus-anmm-9ba3","summary":"cross-site request forgery","references":[{"reference_url":"http://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10770.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10770","reference_id":"","reference_type":"","scores":[{"value":"0.92282","scoring_system":"epss","scoring_elements":"0.99735","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10770"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1846270","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1846270"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/55a064a978b0b7e0f0b93c33931f7dabe7d0d5e2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/keycloak/keycloak/commit/55a064a978b0b7e0f0b93c33931f7dabe7d0d5e2"},{"reference_url":"https://github.com/keycloak/keycloak-documentation/pull/1086","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak-documentation/pull/1086"},{"reference_url":"https://github.com/keycloak/keycloak/pull/7714","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/7714"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-14019","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-14019"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-3426","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-3426"},{"reference_url":"https://security.archlinux.org/AVG-1577","reference_id":"AVG-1577","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1577"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/50405.py","reference_id":"CVE-2020-10770","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/50405.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10770","reference_id":"CVE-2020-10770","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10770"},{"reference_url":"https://github.com/advisories/GHSA-jh7q-5mwf-qvhw","reference_id":"GHSA-jh7q-5mwf-qvhw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jh7q-5mwf-qvhw"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0318","reference_id":"RHSA-2021:0318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0319","reference_id":"RHSA-2021:0319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0320","reference_id":"RHSA-2021:0320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0327","reference_id":"RHSA-2021:0327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0327"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/478114?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@12.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19761?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@13.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0"}],"aliases":["CVE-2020-10770","GHSA-jh7q-5mwf-qvhw"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xus-anmm-9ba3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174865?format=json","vulnerability_id":"VCID-c2nr-hks8-4qg1","summary":"A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3916","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45567","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3916"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3916","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3916"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6::el7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8","reference_id":"cpe:/a:redhat:rhosemc:1.0::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-3916","reference_id":"CVE-2022-3916","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-3916"},{"reference_url":"https://github.com/advisories/GHSA-97g8-xfvw-q4hg","reference_id":"GHSA-97g8-xfvw-q4hg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-97g8-xfvw-q4hg"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8961","reference_id":"RHSA-2022:8961","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2022:8961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8962","reference_id":"RHSA-2022:8962","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2022:8962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8963","reference_id":"RHSA-2022:8963","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2022:8963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8964","reference_id":"RHSA-2022:8964","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2022:8964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8965","reference_id":"RHSA-2022:8965","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2022:8965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1043","reference_id":"RHSA-2023:1043","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:1043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1044","reference_id":"RHSA-2023:1044","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:1044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1045","reference_id":"RHSA-2023:1045","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:1045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1047","reference_id":"RHSA-2023:1047","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:1047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1049","reference_id":"RHSA-2023:1049","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:1049"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141404","reference_id":"show_bug.cgi?id=2141404","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141404"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/394378?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@20.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@20.0.2"}],"aliases":["CVE-2022-3916","GHSA-97g8-xfvw-q4hg","GMS-2022-8406"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2nr-hks8-4qg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197027?format=json","vulnerability_id":"VCID-cbrs-98sn-mqfq","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1725.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1725","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29757","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1725"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1765129","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1765129"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-16550","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-16550"},{"reference_url":"https://security.archlinux.org/AVG-1332","reference_id":"AVG-1332","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1332"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1725","reference_id":"CVE-2020-1725","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1725"},{"reference_url":"https://github.com/advisories/GHSA-p225-pc2x-4jpm","reference_id":"GHSA-p225-pc2x-4jpm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p225-pc2x-4jpm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19761?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@13.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0"}],"aliases":["CVE-2020-1725","GHSA-p225-pc2x-4jpm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbrs-98sn-mqfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202210?format=json","vulnerability_id":"VCID-chvn-6m15-mkgp","summary":"Improper Authentication in org.keycloak:keycloak-core","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8609.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8609","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35207","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386729","reference_id":"1386729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386729"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8609","reference_id":"CVE-2016-8609","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8609"},{"reference_url":"https://github.com/advisories/GHSA-95m6-mjh3-58gm","reference_id":"GHSA-95m6-mjh3-58gm","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-95m6-mjh3-58gm"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2945","reference_id":"RHSA-2016:2945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2945"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432464?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.3.0.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-f84p-b838-8qge"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-k78b-wwvc-e3as"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-s5ns-5gk7-b3b3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-tzwz-7xr4-qud3"},{"vulnerability":"VCID-u3st-6pct-kkfy"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-ubx3-wzt9-p3fc"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-wg5v-btsv-2fcz"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.3.0.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14220?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.3.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.3.0"}],"aliases":["CVE-2016-8609","GHSA-95m6-mjh3-58gm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chvn-6m15-mkgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204673?format=json","vulnerability_id":"VCID-cxjv-a4yf-2bgs","summary":"Predictable password in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1731.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1731.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1731","reference_id":"","reference_type":"","scores":[{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60401","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1731"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1731","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1731"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801713","reference_id":"1801713","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801713"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1731","reference_id":"CVE-2020-1731","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1731"},{"reference_url":"https://github.com/advisories/GHSA-6pmv-7pr9-cgrj","reference_id":"GHSA-6pmv-7pr9-cgrj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6pmv-7pr9-cgrj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16376?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@8.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.2"}],"aliases":["CVE-2020-1731","GHSA-6pmv-7pr9-cgrj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cxjv-a4yf-2bgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211250?format=json","vulnerability_id":"VCID-czc3-kxs3-yfdt","summary":"Keycloak XSS via use of malicious payload as group name when creating new group from admin console","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0225.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0225","reference_id":"","reference_type":"","scores":[{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.6682","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040268","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040268"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0225","reference_id":"CVE-2022-0225","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0225"},{"reference_url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m","reference_id":"GHSA-755v-r4x4-qf7m","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m"},{"reference_url":"https://github.com/advisories/GHSA-fqc7-5xxc-ph7r","reference_id":"GHSA-fqc7-5xxc-ph7r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fqc7-5xxc-ph7r"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6782","reference_id":"RHSA-2022:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6783","reference_id":"RHSA-2022:6783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6787","reference_id":"RHSA-2022:6787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7409","reference_id":"RHSA-2022:7409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7410","reference_id":"RHSA-2022:7410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7411","reference_id":"RHSA-2022:7411","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7411"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7417","reference_id":"RHSA-2022:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7417"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/546619?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@16.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-pvrr-mmx8-4kg6"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@16.1.1"}],"aliases":["CVE-2022-0225","GHSA-fqc7-5xxc-ph7r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-czc3-kxs3-yfdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/346690?format=json","vulnerability_id":"VCID-ejyg-88gf-sfbh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1274.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1274","reference_id":"","reference_type":"","scores":[{"value":"0.00993","scoring_system":"epss","scoring_elements":"0.77334","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1274"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/fc3c61235fa30132123c17ed8702ff7b3a672fe9","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/fc3c61235fa30132123c17ed8702ff7b3a672fe9"},{"reference_url":"https://github.com/keycloak/keycloak/pull/16764","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/16764"},{"reference_url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"},{"reference_url":"https://herolab.usd.de/security-advisories/usd-2021-0033","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://herolab.usd.de/security-advisories/usd-2021-0033"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1274","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1274"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2073157","reference_id":"2073157","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2073157"},{"reference_url":"https://github.com/advisories/GHSA-m4fv-gm5m-4725","reference_id":"GHSA-m4fv-gm5m-4725","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m4fv-gm5m-4725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1043","reference_id":"RHSA-2023:1043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1044","reference_id":"RHSA-2023:1044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1045","reference_id":"RHSA-2023:1045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1047","reference_id":"RHSA-2023:1047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1049","reference_id":"RHSA-2023:1049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1049"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/393154?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@20.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@20.0.5"}],"aliases":["CVE-2022-1274","GHSA-m4fv-gm5m-4725","GMS-2023-528"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ejyg-88gf-sfbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30627?format=json","vulnerability_id":"VCID-f84p-b838-8qge","summary":"","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3592","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3593","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3593"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3595","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3595"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14658.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14658","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47321","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14658"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14658","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14658"},{"reference_url":"https://github.com/keycloak/keycloak/commit/a957e118e6efb35fe7ef3a62acd66341a6523cb7","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/keycloak/keycloak/commit/a957e118e6efb35fe7ef3a62acd66341a6523cb7"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625409","reference_id":"1625409","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625409"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14658","reference_id":"CVE-2018-14658","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14658"},{"reference_url":"https://github.com/advisories/GHSA-3qh2-mccc-q5m6","reference_id":"GHSA-3qh2-mccc-q5m6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3qh2-mccc-q5m6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432659?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@3.3.0.CR1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-k78b-wwvc-e3as"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-ubx3-wzt9-p3fc"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.3.0.CR1"}],"aliases":["CVE-2018-14658","GHSA-3qh2-mccc-q5m6"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f84p-b838-8qge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197257?format=json","vulnerability_id":"VCID-fmep-x7k1-37aj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14302.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14302.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14302","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35912","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14302"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849584","reference_id":"1849584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849584"},{"reference_url":"https://security.archlinux.org/ASA-202105-6","reference_id":"ASA-202105-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-6"},{"reference_url":"https://security.archlinux.org/AVG-1926","reference_id":"AVG-1926","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1926"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14302","reference_id":"CVE-2020-14302","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0967","reference_id":"RHSA-2021:0967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0968","reference_id":"RHSA-2021:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0969","reference_id":"RHSA-2021:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0974","reference_id":"RHSA-2021:0974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0974"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19761?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@13.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0"}],"aliases":["CVE-2020-14302"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fmep-x7k1-37aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207732?format=json","vulnerability_id":"VCID-h6ky-xtx2-augv","summary":"Cross-site Scripting in keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10776.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10776","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50841","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10776"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847428","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847428"},{"reference_url":"https://github.com/keycloak/keycloak/commit/01be601dbdd77822827de173e34180d9322db85c","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/01be601dbdd77822827de173e34180d9322db85c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10776","reference_id":"CVE-2020-10776","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10776"},{"reference_url":"https://github.com/advisories/GHSA-484q-784p-8m5h","reference_id":"GHSA-484q-784p-8m5h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-484q-784p-8m5h"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4929","reference_id":"RHSA-2020:4929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4930","reference_id":"RHSA-2020:4930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4931","reference_id":"RHSA-2020:4931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4932","reference_id":"RHSA-2020:4932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19787?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@12.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-gxku-5esb-1qct"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.0"}],"aliases":["CVE-2020-10776","GHSA-484q-784p-8m5h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6ky-xtx2-augv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207734?format=json","vulnerability_id":"VCID-hvwy-pv1y-sqeg","summary":"Improper Authentication for Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1718.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1718","reference_id":"","reference_type":"","scores":[{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59035","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796756","reference_id":"1796756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796756"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1718","reference_id":"CVE-2020-1718","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1718"},{"reference_url":"https://github.com/advisories/GHSA-j229-2h63-rvh9","reference_id":"GHSA-j229-2h63-rvh9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j229-2h63-rvh9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2106","reference_id":"RHSA-2020:2106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2107","reference_id":"RHSA-2020:2107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2108","reference_id":"RHSA-2020:2108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2112","reference_id":"RHSA-2020:2112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2252","reference_id":"RHSA-2020:2252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2905","reference_id":"RHSA-2020:2905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3196","reference_id":"RHSA-2020:3196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3197","reference_id":"RHSA-2020:3197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3197"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16374?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0"}],"aliases":["CVE-2020-1718","GHSA-j229-2h63-rvh9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hvwy-pv1y-sqeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202216?format=json","vulnerability_id":"VCID-k78b-wwvc-e3as","summary":"Moderate severity vulnerability that affects org.keycloak:keycloak-core","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12161.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12161","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51594","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12161"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484564","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484564"},{"reference_url":"https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12161","reference_id":"CVE-2017-12161","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12161"},{"reference_url":"https://github.com/advisories/GHSA-959q-32g8-vvp7","reference_id":"GHSA-959q-32g8-vvp7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-959q-32g8-vvp7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432666?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@3.4.2.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-ubx3-wzt9-p3fc"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.2.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14223?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@3.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.2"}],"aliases":["CVE-2017-12161","GHSA-959q-32g8-vvp7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k78b-wwvc-e3as"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211253?format=json","vulnerability_id":"VCID-kdwj-wspq-1ket","summary":"Keycloak has Files or Directories Accessible to External Parties","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3856.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3856.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3856","reference_id":"","reference_type":"","scores":[{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.5884","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3856"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010164","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010164"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/73f0474008e1bebd0733e62a22aceda9e5de6743","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/73f0474008e1bebd0733e62a22aceda9e5de6743"},{"reference_url":"https://github.com/keycloak/keycloak/pull/8588","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/8588"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-19422","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-19422"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2021-3856","reference_id":"CVE-2021-3856","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2021-3856"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3856","reference_id":"CVE-2021-3856","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3856"},{"reference_url":"https://github.com/advisories/GHSA-3w4v-rvc4-2xpw","reference_id":"GHSA-3w4v-rvc4-2xpw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3w4v-rvc4-2xpw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25892?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@15.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-pvrr-mmx8-4kg6"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@15.1.0"}],"aliases":["CVE-2021-3856","GHSA-3w4v-rvc4-2xpw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kdwj-wspq-1ket"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197253?format=json","vulnerability_id":"VCID-kyss-1ab7-77ef","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3513.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3513.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3513","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4215","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953439","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953439"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/pull/7976","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/7976"},{"reference_url":"https://security.archlinux.org/ASA-202105-6","reference_id":"ASA-202105-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-6"},{"reference_url":"https://security.archlinux.org/AVG-1926","reference_id":"AVG-1926","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1926"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2021-3513","reference_id":"CVE-2021-3513","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2021-3513"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3513","reference_id":"CVE-2021-3513","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3513"},{"reference_url":"https://github.com/advisories/GHSA-xv7h-95r7-595j","reference_id":"GHSA-xv7h-95r7-595j","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xv7h-95r7-595j"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3527","reference_id":"RHSA-2021:3527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3528","reference_id":"RHSA-2021:3528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3529","reference_id":"RHSA-2021:3529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3534","reference_id":"RHSA-2021:3534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3534"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19761?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@13.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0"}],"aliases":["CVE-2021-3513","GHSA-xv7h-95r7-595j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kyss-1ab7-77ef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/324618?format=json","vulnerability_id":"VCID-mb69-adq5-aqdy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1698.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1698","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16153","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1698"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1698","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1698"},{"reference_url":"https://github.com/keycloak/keycloak/commit/62c9e1577618470832ede22dcedd46cba15b1836","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/62c9e1577618470832ede22dcedd46cba15b1836"},{"reference_url":"https://github.com/keycloak/keycloak/pull/6751","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/6751"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1698","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1698"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1790292","reference_id":"1790292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1790292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2252","reference_id":"RHSA-2020:2252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2905","reference_id":"RHSA-2020:2905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5625","reference_id":"RHSA-2020:5625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16375?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@9.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.0"}],"aliases":["CVE-2020-1698","GHSA-qgmm-f2qw-r95f"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mb69-adq5-aqdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209000?format=json","vulnerability_id":"VCID-q1jj-f5rg-57b1","summary":"Improper authorization in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1466.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1466.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1466","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.364","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1466"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2050228","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2050228"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-076.txt","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-076.txt"},{"reference_url":"https://www.syss.de/pentest-blog/fehlerhafte-autorisierung-bei-red-hat-single-sign-on-750ga-syss-2021-076","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.syss.de/pentest-blog/fehlerhafte-autorisierung-bei-red-hat-single-sign-on-750ga-syss-2021-076"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1466","reference_id":"CVE-2022-1466","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1466"},{"reference_url":"https://github.com/advisories/GHSA-f32v-vf79-p29q","reference_id":"GHSA-f32v-vf79-p29q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f32v-vf79-p29q"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0449","reference_id":"RHSA-2022:0449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0449"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20308?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@17.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@17.0.1"}],"aliases":["CVE-2022-1466","GHSA-f32v-vf79-p29q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1jj-f5rg-57b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197282?format=json","vulnerability_id":"VCID-qbxs-9gb1-dbe3","summary":"cross-site scripting","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20195.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20195","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54127","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20195"},{"reference_url":"https://github.com/keycloak/keycloak/commit/717d9515fa131e3d8c8936e41b2e52270fdec976","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/717d9515fa131e3d8c8936e41b2e52270fdec976"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20195","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1919143","reference_id":"1919143","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1919143"},{"reference_url":"https://security.archlinux.org/ASA-202102-29","reference_id":"ASA-202102-29","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-29"},{"reference_url":"https://security.archlinux.org/AVG-1578","reference_id":"AVG-1578","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1578"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/478136?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@12.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19761?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@13.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0"}],"aliases":["CVE-2021-20195","GHSA-q6w2-89hq-hq27"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbxs-9gb1-dbe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203835?format=json","vulnerability_id":"VCID-qwr8-j8k6-fqew","summary":"Improper Certificate Validation and Insufficient Verification of Data Authenticity in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3875.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3875","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1515","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3875","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3875"},{"reference_url":"http://www.securityfocus.com/bid/108748","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/108748"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690628","reference_id":"1690628","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690628"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3875","reference_id":"CVE-2019-3875","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3875"},{"reference_url":"https://github.com/advisories/GHSA-38cg-gg9j-q9j9","reference_id":"GHSA-38cg-gg9j-q9j9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-38cg-gg9j-q9j9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1456","reference_id":"RHSA-2019:1456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2366","reference_id":"RHSA-2020:2366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2366"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15616?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@7.0.0"}],"aliases":["CVE-2019-3875","GHSA-38cg-gg9j-q9j9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwr8-j8k6-fqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202215?format=json","vulnerability_id":"VCID-rbre-2rk4-e3gr","summary":"Moderate severity vulnerability that affects org.keycloak:keycloak-core","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10912.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10912.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10912","reference_id":"","reference_type":"","scores":[{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.65182","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10912"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1607624","reference_id":"1607624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1607624"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10912","reference_id":"CVE-2018-10912","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10912"},{"reference_url":"https://github.com/advisories/GHSA-h7j7-pw3v-3v3x","reference_id":"GHSA-h7j7-pw3v-3v3x","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h7j7-pw3v-3v3x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432791?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@4.0.0.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-ktfu-j9gz-p7d1"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.0.0.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14222?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@4.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@4.0.0"}],"aliases":["CVE-2018-10912","GHSA-h7j7-pw3v-3v3x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbre-2rk4-e3gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30448?format=json","vulnerability_id":"VCID-s5ns-5gk7-b3b3","summary":"","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0876.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0876.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0872","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2017:0872"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0873","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2017:0873"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8629.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8629.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8629","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43948","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8629"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388988","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388988"},{"reference_url":"https://github.com/keycloak/keycloak/commit/a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/keycloak/keycloak/commit/a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2"},{"reference_url":"http://www.securityfocus.com/bid/97392","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/97392"},{"reference_url":"http://www.securitytracker.com/id/1038180","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1038180"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8629","reference_id":"CVE-2016-8629","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8629"},{"reference_url":"https://github.com/advisories/GHSA-778x-2mqv-w6xw","reference_id":"GHSA-778x-2mqv-w6xw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-778x-2mqv-w6xw"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0876","reference_id":"RHSA-2017:0876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0876"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432466?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.4.0.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-f84p-b838-8qge"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-k78b-wwvc-e3as"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-tzwz-7xr4-qud3"},{"vulnerability":"VCID-u3st-6pct-kkfy"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-ubx3-wzt9-p3fc"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-wg5v-btsv-2fcz"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.4.0.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14218?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.4.0"}],"aliases":["CVE-2016-8629","GHSA-778x-2mqv-w6xw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s5ns-5gk7-b3b3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/322580?format=json","vulnerability_id":"VCID-sbyx-da8j-mqfx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14389.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14389.json"},{"reference_url":"https://access.redhat.com/security/cve/cve-2020-14389","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2020-14389"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14389","reference_id":"","reference_type":"","scores":[{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35091","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14389"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14389","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14389"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875843","reference_id":"1875843","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4929","reference_id":"RHSA-2020:4929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4930","reference_id":"RHSA-2020:4930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4931","reference_id":"RHSA-2020:4931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4932","reference_id":"RHSA-2020:4932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19787?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@12.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-gxku-5esb-1qct"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@12.0.0"}],"aliases":["CVE-2020-14389","GHSA-c9x9-xv66-xp3v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbyx-da8j-mqfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/311713?format=json","vulnerability_id":"VCID-t4zx-ktg9-zue4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14837.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14837","reference_id":"","reference_type":"","scores":[{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77491","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14837"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14837","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14837"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/9a7c1a91a59ab85e7f8889a505be04a71580777f","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/9a7c1a91a59ab85e7f8889a505be04a71580777f"},{"reference_url":"https://issues.jboss.org/browse/KEYCLOAK-10780","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.jboss.org/browse/KEYCLOAK-10780"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14837","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14837"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730227","reference_id":"1730227","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1730227"},{"reference_url":"https://github.com/advisories/GHSA-cf8f-w2c5-p5jr","reference_id":"GHSA-cf8f-w2c5-p5jr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cf8f-w2c5-p5jr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4040","reference_id":"RHSA-2019:4040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4041","reference_id":"RHSA-2019:4041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4042","reference_id":"RHSA-2019:4042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4045","reference_id":"RHSA-2019:4045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4045"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16374?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@8.0.0"}],"aliases":["CVE-2019-14837","GHSA-cf8f-w2c5-p5jr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4zx-ktg9-zue4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202212?format=json","vulnerability_id":"VCID-tzwz-7xr4-qud3","summary":"Keycloak vulnerable to infinite loop based Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2646.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2646.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2646","reference_id":"","reference_type":"","scores":[{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66538","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2646"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2646","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2646"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"http://www.securityfocus.com/bid/96882","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96882"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1431230","reference_id":"1431230","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1431230"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2646","reference_id":"CVE-2017-2646","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2646"},{"reference_url":"https://github.com/advisories/GHSA-jc6q-27mw-p55w","reference_id":"GHSA-jc6q-27mw-p55w","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jc6q-27mw-p55w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432489?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.5.5.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-f84p-b838-8qge"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-k78b-wwvc-e3as"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-ubx3-wzt9-p3fc"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.5.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14221?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.5.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.5"}],"aliases":["CVE-2017-2646","GHSA-jc6q-27mw-p55w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzwz-7xr4-qud3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202201?format=json","vulnerability_id":"VCID-u3st-6pct-kkfy","summary":"keycloak-core vulnerable to timing attacks against JWS token verification","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0876.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0876.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0872","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2017:0872"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0873","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2017:0873"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2585.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2585","reference_id":"","reference_type":"","scores":[{"value":"0.00671","scoring_system":"epss","scoring_elements":"0.71861","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2585"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412376","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412376"},{"reference_url":"https://web.archive.org/web/20170420113802/http://www.securitytracker.com/id/1038180","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170420113802/http://www.securitytracker.com/id/1038180"},{"reference_url":"https://web.archive.org/web/20200227175650/http://www.securityfocus.com/bid/97393","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200227175650/http://www.securityfocus.com/bid/97393"},{"reference_url":"http://www.securityfocus.com/bid/97393","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97393"},{"reference_url":"http://www.securitytracker.com/id/1038180","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038180"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2585","reference_id":"CVE-2017-2585","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2585"},{"reference_url":"https://github.com/advisories/GHSA-w6gv-3r3v-gwgj","reference_id":"GHSA-w6gv-3r3v-gwgj","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w6gv-3r3v-gwgj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0876","reference_id":"RHSA-2017:0876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0876"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432469?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.5.1.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-f84p-b838-8qge"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-k78b-wwvc-e3as"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-tzwz-7xr4-qud3"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-ubx3-wzt9-p3fc"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14217?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.5.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1"}],"aliases":["CVE-2017-2585","GHSA-w6gv-3r3v-gwgj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3st-6pct-kkfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197024?format=json","vulnerability_id":"VCID-u9df-phf1-83gr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3632.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3632","reference_id":"","reference_type":"","scores":[{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66537","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1978196","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1978196"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4"},{"reference_url":"https://github.com/keycloak/keycloak/pull/8203","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/8203"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-18500","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-18500"},{"reference_url":"https://security.archlinux.org/AVG-1332","reference_id":"AVG-1332","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1332"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2021-3632","reference_id":"CVE-2021-3632","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2021-3632"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3632","reference_id":"CVE-2021-3632","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3632"},{"reference_url":"https://github.com/advisories/GHSA-qpq9-jpv4-6gwr","reference_id":"GHSA-qpq9-jpv4-6gwr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qpq9-jpv4-6gwr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3527","reference_id":"RHSA-2021:3527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3528","reference_id":"RHSA-2021:3528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3529","reference_id":"RHSA-2021:3529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3534","reference_id":"RHSA-2021:3534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3534"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25892?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@15.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-pvrr-mmx8-4kg6"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@15.1.0"}],"aliases":["CVE-2021-3632","GHSA-qpq9-jpv4-6gwr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9df-phf1-83gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210040?format=json","vulnerability_id":"VCID-ubx3-wzt9-p3fc","summary":"Keycloak Authentication Error","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3592","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3593","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3593"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3595","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0877","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:0877"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10894.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10894.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10894","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17411","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10894","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10894"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/812e76c39b1e693e8f11e5549cca2c90631f372e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/812e76c39b1e693e8f11e5549cca2c90631f372e"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1599434","reference_id":"1599434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1599434"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10894","reference_id":"CVE-2018-10894","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10894"},{"reference_url":"https://github.com/advisories/GHSA-xvv8-8wh9-9fh2","reference_id":"GHSA-xvv8-8wh9-9fh2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xvv8-8wh9-9fh2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/392533?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@3.4.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/392544?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@3.4.3.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-ktfu-j9gz-p7d1"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@3.4.3.Final"}],"aliases":["CVE-2018-10894","GHSA-xvv8-8wh9-9fh2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubx3-wzt9-p3fc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/358330?format=json","vulnerability_id":"VCID-utd3-fu1x-augq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6134.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6134.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-6134","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2023-6134"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6134","reference_id":"","reference_type":"","scores":[{"value":"0.02468","scoring_system":"epss","scoring_elements":"0.85589","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6134"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/15a21bf8e4fb71f006ba9caf25b9c9d1d152cd20","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/15a21bf8e4fb71f006ba9caf25b9c9d1d152cd20"},{"reference_url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-cvg2-7c3j-g36j","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-cvg2-7c3j-g36j"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6134","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6134"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249673","reference_id":"2249673","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249673"},{"reference_url":"https://github.com/advisories/GHSA-cvg2-7c3j-g36j","reference_id":"GHSA-cvg2-7c3j-g36j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cvg2-7c3j-g36j"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7854","reference_id":"RHSA-2023:7854","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7855","reference_id":"RHSA-2023:7855","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7856","reference_id":"RHSA-2023:7856","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7857","reference_id":"RHSA-2023:7857","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:7857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7858","reference_id":"RHSA-2023:7858","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7860","reference_id":"RHSA-2023:7860","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:7860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7861","reference_id":"RHSA-2023:7861","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:7861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0798","reference_id":"RHSA-2024:0798","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0799","reference_id":"RHSA-2024:0799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0800","reference_id":"RHSA-2024:0800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0801","reference_id":"RHSA-2024:0801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0804","reference_id":"RHSA-2024:0804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0804"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/394894?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@23.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@23.0.0"}],"aliases":["CVE-2023-6134","GHSA-cvg2-7c3j-g36j"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-utd3-fu1x-augq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/324635?format=json","vulnerability_id":"VCID-w5wa-m47v-7fhy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1744.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1744.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2020-1744","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2020-1744"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1744","reference_id":"","reference_type":"","scores":[{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40984","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1744"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1744","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1744"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1805792","reference_id":"1805792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1805792"},{"reference_url":"https://github.com/advisories/GHSA-4gf2-xv97-63m2","reference_id":"GHSA-4gf2-xv97-63m2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4gf2-xv97-63m2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0945","reference_id":"RHSA-2020:0945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0946","reference_id":"RHSA-2020:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0947","reference_id":"RHSA-2020:0947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0951","reference_id":"RHSA-2020:0951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2252","reference_id":"RHSA-2020:2252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2905","reference_id":"RHSA-2020:2905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2905"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/382489?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@9.0.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/385382?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@9.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.2"}],"aliases":["CVE-2020-1744","GHSA-4gf2-xv97-63m2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w5wa-m47v-7fhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/142637?format=json","vulnerability_id":"VCID-wfeg-6241-cucs","summary":"A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6291.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6291.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6291","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39499","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6291"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/commit/b2e91105315ccf2c1df549b4f6c5948322cbfd1b","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/b2e91105315ccf2c1df549b4f6c5948322cbfd1b"},{"reference_url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-mpwq-j3xf-7m5w","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-mpwq-j3xf-7m5w"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6291","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6291"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22","reference_id":"cpe:/a:redhat:build_keycloak:22","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9","reference_id":"cpe:/a:redhat:build_keycloak:22::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7","reference_id":"cpe:/a:redhat:jboss_data_grid:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8","reference_id":"cpe:/a:redhat:jboss_data_grid:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6","reference_id":"cpe:/a:redhat:jboss_enterprise_application_platform:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7","reference_id":"cpe:/a:redhat:jboss_enterprise_bpms_platform:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7","reference_id":"cpe:/a:redhat:jboss_enterprise_brms_platform:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7","reference_id":"cpe:/a:redhat:jboss_fuse:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:6","reference_id":"cpe:/a:redhat:migration_toolkit_applications:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:7","reference_id":"cpe:/a:redhat:migration_toolkit_applications:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_applications:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.6","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6.6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6::el7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7.6::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8","reference_id":"cpe:/a:redhat:rhosemc:1.0::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1","reference_id":"cpe:/a:redhat:serverless:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-6291","reference_id":"CVE-2023-6291","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-6291"},{"reference_url":"https://github.com/advisories/GHSA-mpwq-j3xf-7m5w","reference_id":"GHSA-mpwq-j3xf-7m5w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mpwq-j3xf-7m5w"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7854","reference_id":"RHSA-2023:7854","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7855","reference_id":"RHSA-2023:7855","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7856","reference_id":"RHSA-2023:7856","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7857","reference_id":"RHSA-2023:7857","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7858","reference_id":"RHSA-2023:7858","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7860","reference_id":"RHSA-2023:7860","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7861","reference_id":"RHSA-2023:7861","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0798","reference_id":"RHSA-2024:0798","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0799","reference_id":"RHSA-2024:0799","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0800","reference_id":"RHSA-2024:0800","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0801","reference_id":"RHSA-2024:0801","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0804","reference_id":"RHSA-2024:0804","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251407","reference_id":"show_bug.cgi?id=2251407","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:56:46Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/394894?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@23.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@23.0.0"}],"aliases":["CVE-2023-6291","GHSA-mpwq-j3xf-7m5w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wfeg-6241-cucs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202213?format=json","vulnerability_id":"VCID-wg5v-btsv-2fcz","summary":"keycloak-core discloses system properties","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2582.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2582","reference_id":"","reference_type":"","scores":[{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70754","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2582"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582"},{"reference_url":"http://www.securityfocus.com/bid/101046","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101046"},{"reference_url":"http://www.securitytracker.com/id/1041707","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041707"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410481","reference_id":"1410481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410481"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2582","reference_id":"CVE-2017-2582","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2582"},{"reference_url":"https://github.com/advisories/GHSA-c77r-6f64-478q","reference_id":"GHSA-c77r-6f64-478q","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c77r-6f64-478q"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3216","reference_id":"RHSA-2017:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3217","reference_id":"RHSA-2017:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3218","reference_id":"RHSA-2017:3218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3219","reference_id":"RHSA-2017:3219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3220","reference_id":"RHSA-2017:3220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2740","reference_id":"RHSA-2018:2740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2741","reference_id":"RHSA-2018:2741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2742","reference_id":"RHSA-2018:2742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2743","reference_id":"RHSA-2018:2743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0136","reference_id":"RHSA-2019:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0137","reference_id":"RHSA-2019:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0139","reference_id":"RHSA-2019:0139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432469?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.5.1.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7tca-nfme-37ek"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-f84p-b838-8qge"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-k78b-wwvc-e3as"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-rbre-2rk4-e3gr"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-tzwz-7xr4-qud3"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-ubx3-wzt9-p3fc"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-x77r-6nax-tqg6"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/14217?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@2.5.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.5.1"}],"aliases":["CVE-2017-2582","GHSA-c77r-6f64-478q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wg5v-btsv-2fcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204089?format=json","vulnerability_id":"VCID-x6m8-gkbc-4kec","summary":"Improper Verification of Cryptographic Signature in keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10201.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10201.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10201","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33261","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10201"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728609","reference_id":"1728609","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728609"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10201","reference_id":"CVE-2019-10201","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10201"},{"reference_url":"https://github.com/advisories/GHSA-4fgq-gq9g-3rw7","reference_id":"GHSA-4fgq-gq9g-3rw7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4fgq-gq9g-3rw7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2483","reference_id":"RHSA-2019:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2366","reference_id":"RHSA-2020:2366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2366"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15616?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@7.0.0"}],"aliases":["CVE-2019-10201","GHSA-4fgq-gq9g-3rw7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6m8-gkbc-4kec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203576?format=json","vulnerability_id":"VCID-x77r-6nax-tqg6","summary":"Exposure of Sensitive Information to an Unauthorized Actor in Keycloak","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1140","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2998","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2998"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3868.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3868","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51225","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3868"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3868","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3868"},{"reference_url":"http://www.securityfocus.com/bid/108061","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/108061"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679144","reference_id":"1679144","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679144"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3868","reference_id":"CVE-2019-3868","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3868"},{"reference_url":"https://github.com/advisories/GHSA-gc52-xj6p-9pxp","reference_id":"GHSA-gc52-xj6p-9pxp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gc52-xj6p-9pxp"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0856","reference_id":"RHSA-2019:0856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0857","reference_id":"RHSA-2019:0857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0868","reference_id":"RHSA-2019:0868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2366","reference_id":"RHSA-2020:2366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2366"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15225?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-qwr8-j8k6-fqew"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-x6m8-gkbc-4kec"},{"vulnerability":"VCID-xf39-m1jv-zbfj"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@6.0.0"}],"aliases":["CVE-2019-3868","GHSA-gc52-xj6p-9pxp"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x77r-6nax-tqg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204090?format=json","vulnerability_id":"VCID-xf39-m1jv-zbfj","summary":"Improper Input Validation and Cross-Site Request Forgery in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10199.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10199.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10199","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26365","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10199"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10199","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10199"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1729261","reference_id":"1729261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1729261"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10199","reference_id":"CVE-2019-10199","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10199"},{"reference_url":"https://github.com/advisories/GHSA-p5xp-6vpf-jwvh","reference_id":"GHSA-p5xp-6vpf-jwvh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p5xp-6vpf-jwvh"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2483","reference_id":"RHSA-2019:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2366","reference_id":"RHSA-2020:2366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2366"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15616?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-1twj-46mj-vbeg"},{"vulnerability":"VCID-27n8-twqe-c7hg"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-49ev-wsaa-4bbn"},{"vulnerability":"VCID-551s-5jc8-x7g4"},{"vulnerability":"VCID-6kkn-nm8v-u3a4"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-cxjv-a4yf-2bgs"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-hvwy-pv1y-sqeg"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-mb69-adq5-aqdy"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-t4zx-ktg9-zue4"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-w5wa-m47v-7fhy"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"},{"vulnerability":"VCID-ztxp-j5gt-4qdb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@7.0.0"}],"aliases":["CVE-2019-10199","GHSA-p5xp-6vpf-jwvh"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xf39-m1jv-zbfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211657?format=json","vulnerability_id":"VCID-yb4r-xbbq-47en","summary":"keycloak-core: open redirect via \"form_post.jwt\" JARM response mode","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0097","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2024:0097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0098","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2024:0098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0100","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2024:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0101","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2024:0101"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6927.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6927.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6927","reference_id":"","reference_type":"","scores":[{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75123","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6927"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255027","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255027"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-6927","reference_id":"CVE-2023-6927","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2023-6927"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6927","reference_id":"CVE-2023-6927","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6927"},{"reference_url":"https://github.com/advisories/GHSA-9vm7-v8wj-3fqw","reference_id":"GHSA-9vm7-v8wj-3fqw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9vm7-v8wj-3fqw"},{"reference_url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-9vm7-v8wj-3fqw","reference_id":"GHSA-9vm7-v8wj-3fqw","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-9vm7-v8wj-3fqw"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0094","reference_id":"RHSA-2024:0094","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2024:0094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0095","reference_id":"RHSA-2024:0095","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2024:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0096","reference_id":"RHSA-2024:0096","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2024:0096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0798","reference_id":"RHSA-2024:0798","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0799","reference_id":"RHSA-2024:0799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0800","reference_id":"RHSA-2024:0800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0801","reference_id":"RHSA-2024:0801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0804","reference_id":"RHSA-2024:0804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0804"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28536?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@23.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@23.0.4"}],"aliases":["CVE-2023-6927","GHSA-9vm7-v8wj-3fqw","GMS-2024-51"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yb4r-xbbq-47en"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152938?format=json","vulnerability_id":"VCID-z5yv-y145-abeh","summary":"A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35509.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35509.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35509","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2499","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35509"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912427","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912427"},{"reference_url":"https://github.com/keycloak/keycloak","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak"},{"reference_url":"https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76"},{"reference_url":"https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb"},{"reference_url":"https://github.com/keycloak/keycloak/pull/6330","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/6330"},{"reference_url":"https://github.com/keycloak/keycloak/pull/8067","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/8067"},{"reference_url":"https://security.archlinux.org/ASA-202106-53","reference_id":"ASA-202106-53","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-53"},{"reference_url":"https://security.archlinux.org/AVG-2084","reference_id":"AVG-2084","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2084"},{"reference_url":"https://access.redhat.com/security/cve/cve-2020-35509","reference_id":"cve-2020-35509","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-30T19:38:02Z/"}],"url":"https://access.redhat.com/security/cve/cve-2020-35509"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35509","reference_id":"CVE-2020-35509","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35509"},{"reference_url":"https://github.com/advisories/GHSA-rpj2-w6fr-79hc","reference_id":"GHSA-rpj2-w6fr-79hc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rpj2-w6fr-79hc"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3527","reference_id":"RHSA-2021:3527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3528","reference_id":"RHSA-2021:3528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3529","reference_id":"RHSA-2021:3529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3534","reference_id":"RHSA-2021:3534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3534"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25844?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@14.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@14.0.0"}],"aliases":["CVE-2020-35509","GHSA-rpj2-w6fr-79hc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z5yv-y145-abeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197256?format=json","vulnerability_id":"VCID-z8cr-qt2v-rkgn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27838.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27838","reference_id":"","reference_type":"","scores":[{"value":"0.85144","scoring_system":"epss","scoring_elements":"0.99374","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27838"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906797","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906797"},{"reference_url":"https://github.com/keycloak/keycloak/commit/9356843c6c3d7097d010b3bb6f91e25fcaba378c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/commit/9356843c6c3d7097d010b3bb6f91e25fcaba378c"},{"reference_url":"https://github.com/keycloak/keycloak/pull/7790","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/pull/7790"},{"reference_url":"https://security.archlinux.org/ASA-202105-6","reference_id":"ASA-202105-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-6"},{"reference_url":"https://security.archlinux.org/AVG-1926","reference_id":"AVG-1926","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1926"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27838","reference_id":"CVE-2020-27838","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27838"},{"reference_url":"https://github.com/advisories/GHSA-pcv5-m2wh-66j3","reference_id":"GHSA-pcv5-m2wh-66j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pcv5-m2wh-66j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19761?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@13.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@13.0.0"}],"aliases":["CVE-2020-27838","GHSA-pcv5-m2wh-66j3"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8cr-qt2v-rkgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207726?format=json","vulnerability_id":"VCID-ztxp-j5gt-4qdb","summary":"Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1758.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1758.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1758","reference_id":"","reference_type":"","scores":[{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.4905","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1758","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1758"},{"reference_url":"https://issues.redhat.com/browse/KEYCLOAK-13285","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/KEYCLOAK-13285"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1812514","reference_id":"1812514","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1812514"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1758","reference_id":"CVE-2020-1758","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1758"},{"reference_url":"https://github.com/advisories/GHSA-c597-f74m-jgc2","reference_id":"GHSA-c597-f74m-jgc2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c597-f74m-jgc2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2106","reference_id":"RHSA-2020:2106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2107","reference_id":"RHSA-2020:2107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2108","reference_id":"RHSA-2020:2108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2112","reference_id":"RHSA-2020:2112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2112"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/392326?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ewb-gxkb-j3cn"},{"vulnerability":"VCID-3mcs-n479-zydu"},{"vulnerability":"VCID-7q52-ujxg-pyg4"},{"vulnerability":"VCID-7xus-anmm-9ba3"},{"vulnerability":"VCID-c2nr-hks8-4qg1"},{"vulnerability":"VCID-cbrs-98sn-mqfq"},{"vulnerability":"VCID-czc3-kxs3-yfdt"},{"vulnerability":"VCID-db3z-zawx-kuc4"},{"vulnerability":"VCID-ejyg-88gf-sfbh"},{"vulnerability":"VCID-fmep-x7k1-37aj"},{"vulnerability":"VCID-h6ky-xtx2-augv"},{"vulnerability":"VCID-kdwj-wspq-1ket"},{"vulnerability":"VCID-kyss-1ab7-77ef"},{"vulnerability":"VCID-q1jj-f5rg-57b1"},{"vulnerability":"VCID-qbxs-9gb1-dbe3"},{"vulnerability":"VCID-sbyx-da8j-mqfx"},{"vulnerability":"VCID-u9df-phf1-83gr"},{"vulnerability":"VCID-utd3-fu1x-augq"},{"vulnerability":"VCID-wfeg-6241-cucs"},{"vulnerability":"VCID-yb4r-xbbq-47en"},{"vulnerability":"VCID-z5yv-y145-abeh"},{"vulnerability":"VCID-z8cr-qt2v-rkgn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@10.0.0"}],"aliases":["CVE-2020-1758","GHSA-c597-f74m-jgc2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztxp-j5gt-4qdb"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@2.2.1.Final"}