Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-8xj2-47xw-q78c

Опубликовано: 24 мая 2022
Источник: github
Github: Прошло ревью
CVSS3: 4.3

Описание

Keycloak Insufficient Session Expiry

A flaw was found in Keycloak in versions before 9.0.2. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.

Ссылки

Пакеты

Наименование

org.keycloak:keycloak-core

maven
Затронутые версииВерсия исправления

< 9.0.2

9.0.2

EPSS

Процентиль: 34%
0.00136
Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2020-1724

Дефекты

CWE-613

Связанные уязвимости

redhat логотип

CVE-2020-1724

CVSS3: 4.3
redhat
почти 6 лет назад

A flaw was found in Keycloak in versions before 9.0.2. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.

nvd логотип

CVE-2020-1724

CVSS3: 4.3
nvd
больше 5 лет назад

A flaw was found in Keycloak in versions before 9.0.2. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.

debian логотип

CVE-2020-1724

CVSS3: 4.3
debian
больше 5 лет назад

A flaw was found in Keycloak in versions before 9.0.2. This flaw allow ...

EPSS

Процентиль: 34%
0.00136
Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2020-1724

Дефекты

CWE-613