Keycloak Keycloak

Do you want an email whenever new security vulnerabilities are reported in Keycloak?

By the Year

In 2022 there have been 0 vulnerabilities in Keycloak . Keycloak did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 4.90

It may take a day or so for new Keycloak vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Keycloak Security Vulnerabilities

keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement

CVE-2018-10912 4.9 - Medium - July 23, 2018

keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement. A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite loop. A malicious authenticated user could use this flaw to achieve Denial of Service on the server.

Infinite Loop

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Keycloak or by Keycloak? Click the Watch button to subscribe.

Keycloak
Vendor

Keycloak
Product

subscribe