exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2024-1249

почти 2 года назад

A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.

CVSS3: 7.4

EPSS: Низкий

CVE-2024-1249

почти 2 года назад

A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.

CVSS3: 7.4

EPSS: Низкий

CVE-2024-1249

почти 2 года назад

A flaw was found in Keycloak's OIDC component in the "checkLoginIframe ...

CVSS3: 7.4

EPSS: Низкий

GHSA-m6q9-p373-g5q8

почти 2 года назад

Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS

CVSS3: 7.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-1249 A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.	CVSS3: 7.4	0% Низкий	почти 2 года назад
CVE-2024-1249 A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.	CVSS3: 7.4	0% Низкий	почти 2 года назад
CVE-2024-1249 A flaw was found in Keycloak's OIDC component in the "checkLoginIframe ...	CVSS3: 7.4	0% Низкий	почти 2 года назад
GHSA-m6q9-p373-g5q8 Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS	CVSS3: 7.4	0% Низкий	почти 2 года назад

Уязвимостей на страницу