Vulnerabilities (CVE)

Filtered by vendor Redhat
Filtered by product Openshift Application Runtimes
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-10734 1 Redhat 4 Jboss Fuse, Keycloak, Openshift Application Runtimes and 1 more 2021-02-26 2.1 LOW 3.3 LOW
A vulnerability was found in Keycloak: the OIDC logout endpoint does not have CSRF protection. Versions shipped with Red Hat Fuse 7, Red Hat Single Sign-On 7, and Red Hat OpenShift Application Runtimes are believed to be vulnerable.
CVE-2020-1717 1 Redhat 4 Jboss Fuse, Keycloak, Openshift Application Runtimes and 1 more 2021-02-17 4.0 MEDIUM 2.7 LOW
A flaw was found in Keycloak 7.0.1. A logged-in user can perform an account email enumeration attack.