CVE-2020-10758
published 2020-09-16CVE-2020-10758: A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | keycloak | < 11.0.1 | 11.0.1 |
| redhat | keycloak | — | — |
| redhat | openshift_application_runtimes | — | — |
| redhat | single_sign-on | — | — |
| redhat | single_sign-on | — | — |