Количество 4
Количество 4
CVE-2020-1714
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution.
CVE-2020-1714
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution.
CVE-2020-1714
A flaw was found in Keycloak before version 11.0.0, where the code bas ...
GHSA-m6mm-q862-j366
Improper Input Validation in Keycloak
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-1714 A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution. | CVSS3: 7.5 | 2% Низкий | больше 5 лет назад |
 | CVE-2020-1714 A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution. | CVSS3: 8.8 | 2% Низкий | больше 5 лет назад |
| CVE-2020-1714 A flaw was found in Keycloak before version 11.0.0, where the code bas ... | CVSS3: 8.8 | 2% Низкий | больше 5 лет назад |
| GHSA-m6mm-q862-j366 Improper Input Validation in Keycloak | CVSS3: 8.8 | 2% Низкий | около 4 лет назад |
Уязвимостей на страницу