Описание
A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable.
Ссылки
EPSS
Процентиль: 42%
0.00204
Низкий
7.5 High
CVSS3
Дефекты
CWE-770
Связанные уязвимости
CVSS3: 7.5
debian
около 2 месяцев назад
A flaw was found in Keycloak. This vulnerability allows an unauthentic ...
CVSS3: 7.5
github
3 месяца назад
Keycloak TLS Client-Initiated Renegotiation Denial of Service
EPSS
Процентиль: 42%
0.00204
Низкий
7.5 High
CVSS3
Дефекты
CWE-770