Red Hat Keycloak Vulnerabilities

Red%20hat Keycloak vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

21 August 2025

Injection Vulnerability in Keycloak Model Storage Service by Red Hat
CVE-2025-9162
Red HatRed Hat Build Of Keycloak4.9MEDIUM

6 August 2025

SMTP Injection Vulnerability in Keycloak Services
CVE-2025-8419
Red HatRed Hat Build Of Keycloak5.3MEDIUM

18 July 2025

Unauthorized Access Elevation in Keycloak Identity Management System
CVE-2025-7784
Red HatRed Hat Build Of Keycl...6.5MEDIUM

10 July 2025

Account Merge Vulnerability in Keycloak by Red Hat
CVE-2025-7365
Red HatRed Hat Build Of Keycl...5.4MEDIUM

20 June 2025

Information Disclosure Vulnerability in Keycloak by Red Hat
CVE-2025-5416
Red HatRed Hat Build Of Keycloak2.7LOW

29 April 2025

Vulnerability in Keycloak Authorization Package Allows Circumvention of Security Actions
CVE-2025-3910
Red Hat5.4MEDIUM

22 October 2024

Wildfly Deployment System Vulnerability: Cross-Site Scripting Attacks Possible
CVE-2024-10234
Red Hat7.3HIGH

25 April 2024

Keycloak Authentication Bypass Vulnerability
CVE-2023-3597
Red Hat5MEDIUM

17 April 2024

Bypass of Redirect URI Validation in Keycloak May Lead to Access Token Theft
CVE-2024-2419
Red HatUpstream7.1HIGH

22 March 2024

Stack Overflow Exception in XNIO NotifierState Could Lead to Denial of Service
CVE-2023-5685
Red HatEap 7.4.147.5HIGH

26 January 2024

Keycloak: redirect_uri validation bypass
CVE-2023-6291
Red HatRed Hat Build Of Keycl...7.1HIGH

21 December 2023

Client access via device auth request spoof
CVE-2023-2585
Red Hatkeycloak8.1HIGH

18 December 2023

Keycloak: open redirect via "form_post.jwt" jarm response mode
CVE-2023-6927
Red HatRed Hat Build Of Keycl...4.6MEDIUM

14 December 2023

4 October 2023

Oauth client impersonation
CVE-2023-2422
Red Hatkeycloak7.1HIGH

12 September 2023

Plaintext storage of user password
CVE-2023-4918
Red Hatkeycloak8.8HIGH

9 November 2020

Path Traversal Vulnerability in Keycloak by Red Hat
CVE-2020-14366
Red HatKeycloak6.8MEDIUM

15 May 2020

TLS Hostname Verification Flaw in Keycloak by Red Hat
CVE-2020-1758
Red HatKeycloak5.3MEDIUM

13 May 2020

Code Injection Vulnerability in Keycloak by Red Hat
CVE-2020-1714
Red HatKeycloak7.5HIGH

12 May 2020

Improper Access Control in Keycloak by Red Hat
CVE-2020-1718
Red HatKeycloak7.1HIGH

11 May 2020

24 March 2020

Brute Force Protection Flaw in Keycloak by Red Hat
CVE-2020-1744
Red HatKeycloak5.6MEDIUM

2 March 2020

Keycloak Operator Password Management Flaw in Red Hat Product
CVE-2020-1731
Red HatKeycloak9.1CRITICAL