CVE-2022-2232

Опубликовано: 14 нояб. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions.

Ссылки

https://access.redhat.com/errata/RHSA-2024:0094
https://access.redhat.com/errata/RHSA-2024:0095
https://access.redhat.com/errata/RHSA-2024:0096
https://access.redhat.com/security/cve/CVE-2022-2232
https://bugzilla.redhat.com/show_bug.cgi?id=2096994

EPSS

Процентиль: 24%

0.00083

Низкий

7.5 High

CVSS3

Дефекты

CWE-20

Связанные уязвимости

CVE-2022-2232

CVSS3: 7.5

redhat

около 2 лет назад

A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions.

CVE-2022-2232

CVSS3: 7.5

debian

около 1 года назад

A flaw was found in the Keycloak package. This flaw allows an attacker ...

GHSA-8hc5-rmgf-qx6p

github

около 2 лет назад

Keycloak vulnerable to LDAP Injection on UsernameForm Login

EPSS

Процентиль: 24%

0.00083

Низкий

7.5 High

CVSS3

Дефекты

CWE-20