Vulnerability Database
296,733
Total vulnerabilities in the database
CVE-2023-0264
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability.
| Software | From | Fixed in |
|---|---|---|
org.keycloak / keycloak-services
|
- | 21.0.1 |
| redhat / keycloak | - | 18.0.6 |
| redhat / single_sign-on | - | 7.6.2 |
| redhat / openshift_container_platform | 4.9 | 4.9.x |
| redhat / openshift_container_platform | 4.10 | 4.10.x |
| redhat / openshift_container_platform_for_ibm_linuxone | 4.9 | 4.9.x |
| redhat / openshift_container_platform_for_ibm_linuxone | 4.10 | 4.10.x |
| redhat / openshift_container_platform_ibm_z_systems | 4.9 | 4.9.x |
| redhat / openshift_container_platform_ibm_z_systems | 4.10 | 4.10.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime