VDB
RHSA-2020%3A5625
RHSA-2020%3A5625
PUBLISHED
CVSS 5 MEDIUM
A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.
Risk Scores
CVSS 3.1
5
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Single Sign-On 7.4.0 |
Timeline
- Dec 17, 2020 CVE Published
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2020:5625 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=distributions&version=7.4 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1800573 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1819208 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1821304 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1821311 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1821315 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1826798 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1826805 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5625.json advisory
- https://access.redhat.com/security/cve/CVE-2020-1698 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1790292 issue
- https://www.cve.org/CVERecord?id=CVE-2020-1698 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-1698 advisory
- https://access.redhat.com/security/cve/CVE-2020-1727 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-1727 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-1727 advisory
- https://access.redhat.com/security/cve/CVE-2020-10968 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-10968 advisory
…and 19 more