CVE-2020-10758
N/A
N/A
Summary
A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Keycloak | Keycloak before 11.0.1 | affected |
Weaknesses
- Denial of service
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=1843849
- https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1843849
- https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.