EPSS: 0.001 (Low), Percentile: 48.0%
Keycloak is vulnerable to information disclosure. The vulnerability is caused by improper verification of a certificate with a host mismatch.
access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/
access.redhat.com/errata/RHSA-2020:2107
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1758
issues.redhat.com/browse/KEYCLOAK-13285
issues.redhat.com/browse/KEYCLOAK-13798