CVE-2020-1717 #28172
canon-cmre-benoit-lecardonnel
started this conversation in
Keycloak.X - Quarkus distribution
CVE-2020-1717
#28172
Replies: 1 comment 7 replies
-
@canon-cmre-benoit-lecardonnel CVE-2020-1717 is a vulnerability found in Keycloak version 7.0.1, actually we are at Keycloak 24.0.2. We strongly advise our users to upgrade, so they can benefit from the security updates. |
Beta Was this translation helpful? Give feedback.
7 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
Our instance of Dependency-Track has flagged the keycloak-services 23.0.7 JAR: it says it's impacted by CVE-2020-1717.
There is little info available online about this CVE, so not sure whether it is still valid for recent KC versions.
Maybe there is some info at https://issues.redhat.com/browse/KEYCLOAK-12014, but I cannot access that page.
Do you know about this CVE? Does it still impact KC 23.0.7?
Thanks,
Ben
Beta Was this translation helpful? Give feedback.
All reactions