MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2ZmMtZzhqNS05Y2Nm

Low EPSS: 0.00183% (0.40482 Percentile) EPSS:

Permalink JSON

Generation of Error Message Containing Sensitive Information in Keycloak

Affected Packages	Affected Versions	Fixed Versions
maven:org.keycloak:keycloak-parent	<= 7.0.1	No known fixed version
9 Dependent packages 41 Dependent repositories Affected Version Ranges All affected versions 5.0.0, 6.0.0, 6.0.1, 7.0.0, 7.0.1

A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack.

References: