0.008 Low
EPSS
Percentile
81.9%
keycloak-common is vulnerable to remote code execution. The vulnerability exists due to the lack of validation of classes check when using the ObjectInputStream.
bugzilla.redhat.com/show_bug.cgi?id=1705975
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714
github.com/keycloak/keycloak/commit/2e34cd474b14e115d8df57718b135398848f0c0c
github.com/keycloak/keycloak/pull/7053
issues.jboss.org/browse/KEYCLOAK-10162