Filtered by vendor Redhat Subscriptions
Filtered by product Build Keycloak Subscriptions
Total 59 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-3501 1 Redhat 2 Build Keycloak, Red Hat Single Sign On 2025-08-07 8.2 High
A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.
CVE-2023-6484 1 Redhat 3 Build Keycloak, Red Hat Single Sign On, Rhosemc 2025-08-07 5.3 Medium
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.
CVE-2023-6717 1 Redhat 15 Amq Broker, Build Keycloak, Jboss Data Grid and 12 more 2025-08-07 6 Medium
A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance.
CVE-2024-1249 1 Redhat 15 Amq Broker, Amq Streams, Build Keycloak and 12 more 2025-08-07 7.4 High
A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.
CVE-2024-1132 1 Redhat 23 Amq Broker, Build Keycloak, Build Of Keycloak and 20 more 2025-08-07 8.1 High
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
CVE-2023-6291 1 Redhat 18 Build Keycloak, Enterprise Linux, Jboss Data Grid and 15 more 2025-08-07 7.1 High
A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.
CVE-2024-4540 1 Redhat 3 Build Keycloak, Red Hat Single Sign On, Rhosemc 2025-08-07 7.5 High
A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability.
CVE-2024-5967 1 Redhat 3 Build Keycloak, Red Hat Single Sign On, Rhosemc 2025-08-07 2.7 Low
A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL  independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.
CVE-2024-4028 1 Redhat 2 Build Keycloak, Red Hat Single Sign On 2025-08-07 3.8 Low
A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack.
CVE-2024-1722 1 Redhat 3 Build Keycloak, Keycloak, Red Hat Single Sign On 2025-08-07 3.7 Low
A flaw was found in Keycloak. In certain conditions, this issue may allow a remote unauthenticated attacker to block other accounts from logging in.
CVE-2023-6927 1 Redhat 5 Build Keycloak, Keycloak, Red Hat Single Sign On and 2 more 2025-08-07 4.6 Medium
A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134.
CVE-2023-6787 1 Redhat 4 Build Keycloak, Build Of Keycloak, Keycloak and 1 more 2025-08-07 6.5 Medium
A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter "prompt=login," prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting "Restart login," an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session.
CVE-2023-6544 1 Redhat 3 Build Keycloak, Red Hat Single Sign On, Rhosemc 2025-08-07 5.4 Medium
A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.
CVE-2023-6134 1 Redhat 9 Build Keycloak, Enterprise Linux, Keycloak and 6 more 2025-08-07 4.6 Medium
A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748.
CVE-2023-6563 1 Redhat 9 Build Keycloak, Enterprise Linux, Keycloak and 6 more 2025-08-07 7.7 High
An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the "consents" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system.
CVE-2025-8419 1 Redhat 1 Build Keycloak 2025-08-06 6.5 Medium
A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very shorts emails (subject and little data, the example is 60 chars). This flaw's only direct consequence is an unsolicited email being sent from the Keycloak server. However, this action could be a precursor for more sophisticated attacks.
CVE-2024-3653 1 Redhat 17 Amq Streams, Apache Camel Hawtio, Build Keycloak and 14 more 2025-08-06 5.3 Medium
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.
CVE-2024-12397 1 Redhat 13 Amq Streams, Apache Camel Hawtio, Build Keycloak and 10 more 2025-08-04 7.4 High
A flaw was found in Quarkus-HTTP, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.
CVE-2024-5971 1 Redhat 12 Apache Camel Hawtio, Apache Camel Spring Boot, Build Keycloak and 9 more 2025-08-02 7.5 High
A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.
CVE-2025-7784 1 Redhat 4 Build Keycloak, Jboss Enterprise Application Platform, Jbosseapxp and 1 more 2025-07-29 6.5 Medium
A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions(FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorized elevation of access rights, compromising the intended separation of administrative duties and posing a security risk to the realm.