Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-qgmm-f2qw-r95f

Опубликовано: 24 мая 2022
Источник: github
Github: Прошло ревью
CVSS3: 5.5

Описание

Keycloak leaks sensitive information in logged exceptions

A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.

Ссылки

Пакеты

Наименование

org.keycloak:keycloak-core

maven
Затронутые версииВерсия исправления

< 9.0.0

9.0.0

EPSS

Процентиль: 16%
0.00051
Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2020-1698

Дефекты

CWE-200
CWE-532

Связанные уязвимости

redhat логотип

CVE-2020-1698

CVSS3: 5
redhat
почти 6 лет назад

A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.

nvd логотип

CVE-2020-1698

CVSS3: 5
nvd
больше 5 лет назад

A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.

debian логотип

CVE-2020-1698

CVSS3: 5
debian
больше 5 лет назад

A flaw was found in keycloak in versions before 9.0.0. A logged except ...

EPSS

Процентиль: 16%
0.00051
Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2020-1698

Дефекты

CWE-200
CWE-532