keycloak

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Open Source Identity and Access Management For Modern Applications and Services
Version 11.0.0-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1158 10.0.0-1 10.0.1-1 High Fixed FS#66642
Issue Group Severity Remote Type Description
CVE-2020-1714 AVG-1158 High Yes Arbitrary code execution
A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject...

Advisories

Date Advisory Group Severity Description
16 May 2020 ASA-202005-8 AVG-1158 High arbitrary code execution