EPSS: 0.001 (Low), percentile 40.9%
Keycloak is vulnerable to denial of service (DoS). The vulnerability can be triggered by multiple simultaneous requests whose Content-Length header value is greater than the actual byte count of the request body.
access.redhat.com/errata/RHSA-2020:3495
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1843849
github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251