Search Results (616 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-3009 1 Redhat 7 Build Keycloak, Build Of Keycloak, Jboss Enterprise Application Platform and 4 more 2026-04-16 8.1 High
A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity Provider (IdP) even after it has been disabled by an administrator. An attacker who knows the IdP alias can reuse a previously generated login request to bypass the administrative restriction. This undermines access control enforcement and may allow unauthorized authentication through a disabled external provider.
CVE-2026-1035 1 Redhat 4 Build Keycloak, Jboss Enterprise Application Platform, Jbosseapxp and 1 more 2026-04-16 3.1 Low
A flaw was found in the Keycloak server during refresh token processing, specifically in the TokenManager class responsible for enforcing refresh token reuse policies. When strict refresh token rotation is enabled, the validation and update of refresh token usage are not performed atomically. This allows concurrent refresh requests to bypass single-use enforcement and issue multiple access tokens from the same refresh token. As a result, Keycloak’s refresh token rotation hardening can be undermined.
CVE-2026-3429 2 Keycloak, Redhat 5 Keycloak, Build Keycloak, Jboss Enterprise Application Platform and 2 more 2026-04-15 4.2 Medium
A flaw was identified in the Account REST API of Keycloak that allows a user authenticated at a lower security level to perform sensitive actions intended only for higher-assurance sessions. Specifically, an attacker who has already obtained a victim’s password can delete the victim’s registered MFA/OTP credential without first proving possession of that factor. The attacker can then register their own MFA device, effectively taking full control of the account. This weakness undermines the intended protection provided by multi-factor authentication.
CVE-2026-3121 2 Keycloak, Redhat 8 Keycloak, Build Keycloak, Build Of Keycloak and 5 more 2026-04-15 6.5 Medium
A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when admin permissions are enabled at the realm level.
CVE-2026-1180 1 Redhat 4 Build Keycloak, Jboss Enterprise Application Platform, Jbosseapxp and 1 more 2026-04-15 5.8 Medium
A flaw was identified in Keycloak’s OpenID Connect Dynamic Client Registration feature when clients authenticate using private_key_jwt. The issue allows a client to specify an arbitrary jwks_uri, which Keycloak then retrieves without validating the destination. This enables attackers to coerce the Keycloak server into making HTTP requests to internal or restricted network resources. As a result, attackers can probe internal services and cloud metadata endpoints, creating an information disclosure and reconnaissance risk.
CVE-2023-5685 1 Redhat 12 Apache-camel-spring-boot, Apache Camel Hawtio, Build Keycloak and 9 more 2026-04-15 7.5 High
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).
CVE-2023-6236 1 Redhat 2 Jboss Enterprise Application Platform, Jbosseapxp 2026-04-15 7.3 High
A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore when determining if a cached token should be used or not. This logic needs to be updated to take into account the new "provider-url" option in addition to the "realm" option. EAP-7 does not provide the vulnerable provider-url configuration option in its OIDC implementation and is not affected by this flaw.
CVE-2024-10451 1 Redhat 3 Build Keycloak, Jboss Enterprise Application Platform, Red Hat Single Sign On 2026-04-15 5.9 Medium
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in environment variables during the build process is also stored as a default values, making it accessible during runtime. Indirect usage of environment variables for SPI options and Quarkus properties is also vulnerable due to unconditional expansion by PropertyMapper logic, capturing sensitive data as default values in all Keycloak versions up to 26.0.2.
CVE-2024-1233 1 Redhat 3 Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Eus, Jbosseapxp 2026-04-15 7.3 High
A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability.
CVE-2023-5675 1 Redhat 11 A Mq Clients, Camel Quarkus, Cryostat and 8 more 2026-04-15 6.5 Medium
A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either 'quarkus.security.jaxrs.deny-unannotated-endpoints' or 'quarkus.security.jaxrs.default-roles-allowed' properties.
CVE-2025-2240 1 Redhat 9 Apache Camel Spring Boot, Apicurio Registry, Camel Quarkus and 6 more 2026-04-15 7.5 High
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue.
CVE-2024-30172 2 Bouncycastle, Redhat 6 Legion-of-the-bouncy-castle-java-crytography-api, Amq Broker, Apache Camel Spring Boot and 3 more 2026-04-15 7.5 High
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
CVE-2025-27611 1 Redhat 1 Jboss Enterprise Application Platform 2026-04-15 7.5 High
base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.
CVE-2024-29857 2 Bouncycastle, Redhat 8 Bc-fja, Bc-java, Bc C .net and 5 more 2026-04-15 7.5 High
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
CVE-2024-1300 1 Redhat 20 A Mq Clients, Amq Broker, Amq Streams and 17 more 2026-04-15 5.4 Medium
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.
CVE-2024-9666 1 Redhat 2 Build Keycloak, Jboss Enterprise Application Platform 2026-04-15 4.7 Medium
A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service (DoS) attack due to improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without proper validation. This issue can lead to costly DNS resolution operations, which an attacker could exploit to tie up IO threads and potentially cause a denial of service. The attacker must have access to send requests to a Keycloak instance that is configured to accept proxy headers, specifically when reverse proxies do not overwrite incoming headers, and Keycloak is configured to trust these headers.
CVE-2024-5971 1 Redhat 12 Apache Camel Hawtio, Apache Camel Spring Boot, Build Keycloak and 9 more 2026-04-15 7.5 High
A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.
CVE-2024-9622 1 Redhat 3 Jboss Data Grid, Jboss Enterprise Application Platform, Jbosseapxp 2026-04-15 5.3 Medium
A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is sent, it causes the Netty HttpObjectDecoder to transition into a BAD_MESSAGE state. As a result, any subsequent legitimate requests on the same connection are ignored, leading to client timeouts, which may impact systems using load balancers and expose them to risk.
CVE-2024-11734 1 Redhat 3 Build Keycloak, Jboss Enterprise Application Platform, Jbosseapxp 2026-04-15 6.5 Medium
A denial of service vulnerability was found in Keycloak that could allow an administrative user with the right to change realm settings to disrupt the service. This action is done by modifying any of the security headers and inserting newlines, which causes the Keycloak server to write to a request that has already been terminated, leading to the failure of said request.
CVE-2024-12397 1 Redhat 13 Amq Streams, Apache Camel Hawtio, Build Keycloak and 10 more 2026-04-15 7.4 High
A flaw was found in Quarkus-HTTP, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.