Red Hat Keycloak Vulnerabilities

Red%20hat Keycloak vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

16 December 2025

Broken Access Control Vulnerability in Keycloak Admin API
CVE-2025-14777
Red HatRed Hat Build Of Keycloak6MEDIUM

10 December 2025

Information Disclosure Vulnerability in Keycloak Admin REST API by Red Hat
CVE-2025-14082
Red HatRed Hat Build Of Keycloak2.7LOW

3 December 2025

Remote Denial of Service Vulnerability in Undertow by Red Hat
CVE-2024-3884
Red HatRed Hat Jboss Enterpri...7.5HIGH

20 June 2025

Information Disclosure Vulnerability in Keycloak by Red Hat
CVE-2025-5416
Red HatRed Hat Build Of Keycloak2.7LOW

25 November 2024

Keycloak Vulnerability Affects Sensitive Data
CVE-2024-10451
Red HatRed Hat Build Of Keycl...5.9MEDIUM

22 March 2024

Stack Overflow Exception in XNIO NotifierState Could Lead to Denial of Service
CVE-2023-5685
Red HatRed Hat Build Of Apach...7.5HIGH

26 January 2024

Keycloak: redirect_uri validation bypass
CVE-2023-6291
Red HatRed Hat Build Of Keycl...7.1HIGH

21 December 2023

Client access via device auth request spoof
CVE-2023-2585
Red Hatkeycloak8.1HIGH

18 December 2023

Keycloak: open redirect via "form_post.jwt" jarm response mode
CVE-2023-6927
Red HatRed Hat Build Of Keycl...4.6MEDIUM

14 December 2023

4 October 2023

Oauth client impersonation
CVE-2023-2422
Red Hatkeycloak7.1HIGH

12 September 2023

Plaintext storage of user password
CVE-2023-4918
Red Hatkeycloak8.8HIGH

9 November 2020

Path Traversal Vulnerability in Keycloak by Red Hat
CVE-2020-14366
Red HatKeycloak6.8MEDIUM

15 May 2020

TLS Hostname Verification Flaw in Keycloak by Red Hat
CVE-2020-1758
Red HatKeycloak5.3MEDIUM

13 May 2020

Code Injection Vulnerability in Keycloak by Red Hat
CVE-2020-1714
Red HatKeycloak7.5HIGH

12 May 2020

Improper Access Control in Keycloak by Red Hat
CVE-2020-1718
Red HatKeycloak7.1HIGH

11 May 2020

24 March 2020

Brute Force Protection Flaw in Keycloak by Red Hat
CVE-2020-1744
Red HatKeycloak5.6MEDIUM

2 March 2020

Keycloak Operator Password Management Flaw in Red Hat Product
CVE-2020-1731
Red HatKeycloak9.1CRITICAL

10 February 2020

Stored XSS Vulnerability in Keycloak Admin Console by Red Hat
CVE-2020-1697
Red HatKeycloak6.1MEDIUM

7 January 2020

Password Reset Vulnerability in Keycloak by Red Hat
CVE-2019-14837
Red HatKeycloak9.1CRITICAL

14 August 2019