CVE-2020-10758

Published: Sep 16, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.

Vendor	Product	Versions
n/a	Keycloak	affected `Keycloak before 11.0.1`

References

https://bugzilla.redhat.com/show_bug.cgi?id=1843849

x_refsource_MISC

https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-10758

Description

Affected Products

References