---

CVE-2020-14366 - log back

CVE-2020-14366 edited at 19 Jan 2021 13:28:10
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Directory traversal
Description	+ A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1869764 + https://issues.redhat.com/browse/KEYCLOAK-15012

CVE-2020-14366 created at 19 Jan 2021 13:25:55
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes