The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Red Hat Single Sign-On

Keycloak: denial of service via Large Simultaneous Content-Length Requests
An attacker can trigger a fatal error via Large Simultaneous Content-Length Requests of Keycloak, in order to trigger a denial of service...
CVE-2020-10758, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, VIGILANCE-VUL-33101
Keycloak: privilege escalation via Admin Console Missing Security Headers
An attacker can bypass restrictions via Admin Console Missing Security Headers of Keycloak, in order to escalate his privileges...
CVE-2020-1728, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, VIGILANCE-VUL-33100
WildFly: privilege escalation via EmbeddedManagedProcess API TCCL Setting
An attacker can bypass restrictions via EmbeddedManagedProcess API TCCL Setting of WildFly, in order to escalate his privileges...
CVE-2020-10718, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-33094
WildFly: privilege escalation via FORM Authentication Session Fixation
An attacker can bypass restrictions via FORM Authentication Session Fixation of WildFly, in order to escalate his privileges...
CVE-2020-10714, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-33093
Hibernate Validator: privilege escalation via Message Interpolation Processor
An attacker can bypass restrictions via Message Interpolation Processor of Hibernate Validator, in order to escalate his privileges...
6348216, CVE-2020-10693, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-33092
Undertow: information disclosure via HTTP Requests Invalid Characters
An attacker can bypass access restrictions to data via HTTP Requests Invalid Characters of Undertow, in order to obtain sensitive information...
CVE-2020-10687, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-33091
Undertow: information disclosure via Field Name Parsing
An attacker can bypass access restrictions to data via Field Name Parsing of Undertow, in order to obtain sensitive information...
CVE-2020-1710, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-33089
WildFly: denial of service via EJB SessionOpenInvocations
An attacker can trigger a fatal error via EJB SessionOpenInvocations of WildFly, in order to trigger a denial of service...
CVE-2020-14307, RHSA-2020:3141-01, RHSA-2020:3142-01, RHSA-2020:3143-01, RHSA-2020:3144-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-32907
JBoss RESTEasy: information disclosure via MediaTypeHeaderDelegate Injection
An attacker can bypass access restrictions to data via MediaTypeHeaderDelegate Injection of JBoss RESTEasy, in order to obtain sensitive information...
CVE-2020-1695, RESTEASY-2559, RHSA-2020:2106-01, RHSA-2020:2107-01, RHSA-2020:2108-01, RHSA-2020:2112-01, RHSA-2020:2113-01, RHSA-2020:2511-01, RHSA-2020:2512-01, RHSA-2020:2513-01, RHSA-2020:2515-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-32521
WildFly: privilege escalation via EJB
An attacker can bypass isolation of EJB in WildFly, in order to escalate his privileges...
CVE-2020-1719, RHSA-2020:2058-01, RHSA-2020:2059-01, RHSA-2020:2060-01, RHSA-2020:2061-01, RHSA-2020:2106-01, RHSA-2020:2107-01, RHSA-2020:2108-01, RHSA-2020:2112-01, RHSA-2020:2113-01, VIGILANCE-VUL-32278