The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Red Hat SSO

Apache Commons Beanutils: information disclosure via BeanIntrospector
An attacker can bypass access restrictions to data via BeanIntrospector of Apache Commons Beanutils, in order to obtain sensitive information...
1115085, 1119387, 3407751, 6198380, 6369095, CERTFR-2020-AVI-179, cpujan2021, cpujul2020, CVE-2019-10086, DLA-1896-1, DSA-2019-189, FEDORA-2019-79b5790566, FEDORA-2019-bcad44b5d6, openSUSE-SU-2019:2058-1, RHSA-2019:4317-01, RHSA-2020:0057-01, RHSA-2020:0194-01, RHSA-2020:0804-01, RHSA-2020:0805-01, RHSA-2020:0806-01, RHSA-2020:0811-01, RHSA-2020:0951-01, RHSA-2020:0952-01, SUSE-SU-2019:2244-1, SUSE-SU-2019:2245-1, VIGILANCE-VUL-30143
Apache Santuario XML Security for Java: privilege escalation via XML Parsing Code
An attacker can bypass restrictions via XML Parsing Code of Apache Santuario XML Security for Java, in order to escalate his privileges...
6382284, CERTFR-2020-AVI-179, CVE-2019-12400, NTAP-20190910-0003, RHSA-2020:0804-01, RHSA-2020:0805-01, RHSA-2020:0806-01, RHSA-2020:0811-01, RHSA-2020:0951-01, RHSA-2020:0952-01, VIGILANCE-VUL-30141
HTTP/2: multiple vulnerabilities
An attacker can use several vulnerabilities of HTTP/2...
1072144, 1072860, 1167160, 6198380, 6369095, bulletinoct2019, CERTFR-2019-AVI-389, cpuapr2020, cpujan2021, cpuoct2020, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, DLA-2485-1, DSA-4503-1, DSA-4505-1, DSA-4508-1, DSA-4511-1, DSA-4520-1, DSA-4669-1, FEDORA-2019-1686ae9b59, FEDORA-2019-5a6a7bc12c, FEDORA-2019-63ba15cc83, FEDORA-2019-7443ebda4b, FEDORA-2019-81985a8858, FEDORA-2019-8a437d5c2f, FEDORA-2019-befd924cfe, FEDORA-2021-d5b2c18fe6, HT210436, NFLX-2019-002, openSUSE-SU-2019:2000-1, openSUSE-SU-2019:2051-1, openSUSE-SU-2019:2056-1, openSUSE-SU-2019:2072-1, openSUSE-SU-2019:2085-1, openSUSE-SU-2019:2114-1, openSUSE-SU-2019:2115-1, openSUSE-SU-2019:2120-1, openSUSE-SU-2019:2130-1, openSUSE-SU-2019:2232-1, openSUSE-SU-2019:2234-1, openSUSE-SU-2019:2264-1, RHSA-2019:2692-01, RHSA-2019:2726-01, RHSA-2019:2745-01, RHSA-2019:2746-01, RHSA-2019:2775-01, RHSA-2019:2799-01, RHSA-2019:2893-01, RHSA-2019:2925-01, RHSA-2019:2939-01, RHSA-2019:2949-01, RHSA-2019:2955-01, RHSA-2019:4018-01, RHSA-2019:4019-01, RHSA-2019:4020-01, RHSA-2019:4021-01, RHSA-2019:4040-01, RHSA-2019:4041-01, RHSA-2019:4042-01, RHSA-2019:4045-01, RHSA-2019:4269-01, RHSA-2019:4273-01, RHSA-2020:0406-01, SSA:2020-091-02, SUSE-SU-2019:2213-1, SUSE-SU-2019:2214-1, SUSE-SU-2019:2237-1, SUSE-SU-2019:2254-1, SUSE-SU-2019:2259-1, SUSE-SU-2019:2260-1, SUSE-SU-2019:2309-1, SUSE-SU-2019:2329-1, SUSE-SU-2019:2473-1, SUSE-SU-2019:2559-1, SUSE-SU-2020:0059-1, Synology-SA-19:33, Synology-SA-19:37, USN-4099-1, USN-4113-1, USN-4113-2, USN-4308-1, VIGILANCE-VUL-30040, VU#605641
Red Hat Single Sign-On: two vulnerabilities
An attacker can use several vulnerabilities of Red Hat Single Sign-On...
CVE-2019-10199, CVE-2019-10201, RHSA-2019:2483-01, VIGILANCE-VUL-30039
FasterXML jackson-databind: code execution via SubTypeValidator
An attacker can use a vulnerability via SubTypeValidator of jackson-databind, in order to run code...
cpuapr2020, cpujan2020, CVE-2019-14379, DLA-1879-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, NTAP-20190814-0001, RHSA-2019:2743-01, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3050-01, VIGILANCE-VUL-30021
jackson-databind: file reading via Polymorphic Typing JSON Message
A local attacker can read a file via Polymorphic Typing JSON Message of jackson-databind, in order to obtain sensitive information...
CVE-2019-12814, DLA-1831-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3050-01, VIGILANCE-VUL-29605
Keycloak: denial of service via NBF Node.js Adapter
An attacker can trigger a fatal error via NBF Node.js Adapter of Keycloak, in order to trigger a denial of service...
CVE-2019-10157, RHSA-2019:1456-01, VIGILANCE-VUL-29514
Keycloak: privilege escalation via CRL Signatures Validation
An attacker can bypass restrictions via CRL Signatures Validation of Keycloak, in order to escalate his privileges...
CVE-2019-3875, RHSA-2019:1456-01, VIGILANCE-VUL-29513
Bootstrap: Cross Site Scripting via Affix Configuration Target
An attacker can trigger a Cross Site Scripting via Affix Configuration Target of Bootstrap, in order to run JavaScript code in the context of the web site...
CVE-2018-20677, RHSA-2019:1456-01, RHSA-2020:4670-01, VIGILANCE-VUL-29512
Bootstrap: Cross Site Scripting via data-viewport
An attacker can trigger a Cross Site Scripting via data-viewport of Bootstrap, in order to run JavaScript code in the context of the web site...
CVE-2018-20676, RHSA-2019:1456-01, RHSA-2020:3936-01, RHSA-2020:4670-01, VIGILANCE-VUL-29511
Our database contains other pages. You can request a free trial to read them.

Display information about Red Hat SSO: