Security Advisory

CVE-2020-14366

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-09 16:50:08

Last updated 2024-08-04 12:46:33

Assigner redhat

State PUBLISHED

Description

A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw

← Browse all CVEs View on cve.org ↗