[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-12159":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":20,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":28,"related":29,"reserved_at":9,"published_at":34,"modified_at":35,"state":36,"summary":37,"references_raw":46,"kevs":86,"epss":87,"epss_history":90,"metrics":345,"affected":357},"CVE-2017-12159","It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-613","Insufficient Session Expiration","According to WASC, \"Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.\"","weakness","Incomplete","Base",[],[],[21],"GHSA-7fmw-85qm-h22p",[],[24,26],{"_key":25},"RHSA-2017:2904",{"_key":27},"RHSA-2017:2905",[],[30,32],{"_key":31},"CGA-MRV4-CCRX-M6PR",{"_key":33},"CGA-42X2-4C5W-FVG6","2017-10-26T17:00:00.000Z","2024-09-16T21:02:35.248Z","Modified",{"cisa_kev":38,"cisa_ransomware":38,"cisa_vendor":9,"epss_severity":39,"epss_score":40,"severity":41,"severity_score":42,"severity_version":43,"severity_source":44,"severity_vector":45,"severity_status":36},false,"low",0.00588,"high",7.5,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[47,58,64,68,72,77,82],{"url":48,"sources":49,"tags":52},"https://bugzilla.redhat.com/show_bug.cgi?id=1484111",[50,44,51],"cve.org","osv_maven",[53,54,55,56,57],"X Refsource CONFIRM","Issue Tracking","Third Party Advisory","VDB Entry","WEB",{"url":59,"sources":60,"tags":61},"https://access.redhat.com/errata/RHSA-2017:2904",[50,44,51],[62,63,55,57],"Vendor Advisory","X Refsource REDHAT",{"url":65,"sources":66,"tags":67},"https://access.redhat.com/errata/RHSA-2017:2905",[50,44,51],[62,63,55,57],{"url":69,"sources":70,"tags":71},"https://access.redhat.com/errata/RHSA-2017:2906",[50,44,51],[62,63,55,57],{"url":73,"sources":74,"tags":75},"http://www.securityfocus.com/bid/101601",[50,44],[56,76,55],"X Refsource BID",{"url":78,"sources":79,"tags":80},"https://nvd.nist.gov/vuln/detail/CVE-2017-12159",[51],[81],"Advisory",{"url":83,"sources":84,"tags":85},"https://web.archive.org/web/20210124113906/http://www.securityfocus.com/bid/101601",[51],[57],[],{"date":88,"score":40,"percentile":89},"2026-06-04",0.69506,[91,94,97,100,103,106,109,112,115,118,121,124,127,130,132,135,138,140,143,146,149,151,153,156,158,161,164,167,170,173,176,178,181,184,186,188,191,194,197,200,203,206,208,211,214,217,220,223,226,229,232,235,238,241,244,247,249,252,255,258,261,263,266,269,271,274,277,280,282,285,288,291,294,297,300,303,306,308,310,313,316,319,322,325,327,330,333,336,339,342],{"date":92,"score":40,"percentile":93},"2025-11-04",0.68238,{"date":95,"score":40,"percentile":96},"2025-11-05",0.6822,{"date":98,"score":40,"percentile":99},"2025-11-06",0.68222,{"date":101,"score":40,"percentile":102},"2025-11-07",0.68232,{"date":104,"score":40,"percentile":105},"2025-11-08",0.68235,{"date":107,"score":40,"percentile":108},"2025-11-09",0.68227,{"date":110,"score":40,"percentile":111},"2025-11-10",0.68217,{"date":113,"score":40,"percentile":114},"2025-11-11",0.68225,{"date":116,"score":40,"percentile":117},"2025-11-12",0.68249,{"date":119,"score":40,"percentile":120},"2025-11-13",0.68258,{"date":122,"score":40,"percentile":123},"2025-11-14",0.68265,{"date":125,"score":40,"percentile":126},"2025-11-15",0.68263,{"date":128,"score":40,"percentile":129},"2025-11-16",0.68261,{"date":131,"score":40,"percentile":120},"2025-11-17",{"date":133,"score":40,"percentile":134},"2025-11-18",0.66586,{"date":136,"score":40,"percentile":137},"2025-11-19",0.66593,{"date":139,"score":40,"percentile":134},"2025-11-20",{"date":141,"score":40,"percentile":142},"2025-11-21",0.68276,{"date":144,"score":40,"percentile":145},"2025-11-22",0.68278,{"date":147,"score":40,"percentile":148},"2025-11-23",0.68268,{"date":150,"score":40,"percentile":120},"2025-11-24",{"date":152,"score":40,"percentile":123},"2025-11-25",{"date":154,"score":40,"percentile":155},"2025-11-26",0.68272,{"date":157,"score":40,"percentile":155},"2025-11-27",{"date":159,"score":40,"percentile":160},"2025-11-28",0.68259,{"date":162,"score":40,"percentile":163},"2025-11-29",0.68243,{"date":165,"score":40,"percentile":166},"2025-11-30",0.6824,{"date":168,"score":40,"percentile":169},"2025-12-01",0.68394,{"date":171,"score":40,"percentile":172},"2025-12-02",0.68401,{"date":174,"score":40,"percentile":175},"2025-12-03",0.68397,{"date":177,"score":40,"percentile":102},"2025-12-04",{"date":179,"score":40,"percentile":180},"2025-12-05",0.68246,{"date":182,"score":40,"percentile":183},"2025-12-06",0.68251,{"date":185,"score":40,"percentile":180},"2025-12-07",{"date":187,"score":40,"percentile":183},"2025-12-08",{"date":189,"score":40,"percentile":190},"2025-12-09",0.68279,{"date":192,"score":40,"percentile":193},"2025-12-10",0.68324,{"date":195,"score":40,"percentile":196},"2025-12-11",0.68343,{"date":198,"score":40,"percentile":199},"2025-12-12",0.68369,{"date":201,"score":40,"percentile":202},"2025-12-13",0.68373,{"date":204,"score":40,"percentile":205},"2025-12-14",0.68375,{"date":207,"score":40,"percentile":205},"2025-12-15",{"date":209,"score":40,"percentile":210},"2025-12-16",0.68381,{"date":212,"score":40,"percentile":213},"2025-12-17",0.68392,{"date":215,"score":40,"percentile":216},"2025-12-18",0.68425,{"date":218,"score":40,"percentile":219},"2025-12-19",0.68444,{"date":221,"score":40,"percentile":222},"2025-12-20",0.68443,{"date":224,"score":40,"percentile":225},"2025-12-21",0.68427,{"date":227,"score":40,"percentile":228},"2025-12-22",0.68426,{"date":230,"score":40,"percentile":231},"2025-12-23",0.68422,{"date":233,"score":40,"percentile":234},"2025-12-24",0.68431,{"date":236,"score":40,"percentile":237},"2025-12-25",0.6846,{"date":239,"score":40,"percentile":240},"2025-12-26",0.68462,{"date":242,"score":40,"percentile":243},"2025-12-27",0.68508,{"date":245,"score":40,"percentile":246},"2025-12-28",0.68434,{"date":248,"score":40,"percentile":225},"2025-12-29",{"date":250,"score":40,"percentile":251},"2025-12-30",0.68441,{"date":253,"score":40,"percentile":254},"2025-12-31",0.68459,{"date":256,"score":40,"percentile":257},"2026-01-01",0.68639,{"date":259,"score":40,"percentile":260},"2026-01-02",0.68628,{"date":262,"score":40,"percentile":260},"2026-01-03",{"date":264,"score":40,"percentile":265},"2026-01-04",0.68463,{"date":267,"score":40,"percentile":268},"2026-01-05",0.68452,{"date":270,"score":40,"percentile":240},"2026-01-06",{"date":272,"score":40,"percentile":273},"2026-01-07",0.6848,{"date":275,"score":40,"percentile":276},"2026-01-08",0.68496,{"date":278,"score":40,"percentile":279},"2026-01-09",0.68504,{"date":281,"score":40,"percentile":279},"2026-01-10",{"date":283,"score":40,"percentile":284},"2026-01-11",0.68497,{"date":286,"score":40,"percentile":287},"2026-01-12",0.68487,{"date":289,"score":40,"percentile":290},"2026-01-13",0.68486,{"date":292,"score":40,"percentile":293},"2026-01-14",0.6852,{"date":295,"score":40,"percentile":296},"2026-01-15",0.68525,{"date":298,"score":40,"percentile":299},"2026-01-16",0.68539,{"date":301,"score":40,"percentile":302},"2026-01-17",0.6853,{"date":304,"score":40,"percentile":305},"2026-01-18",0.68519,{"date":307,"score":40,"percentile":243},"2026-01-19",{"date":309,"score":40,"percentile":305},"2026-01-20",{"date":311,"score":40,"percentile":312},"2026-01-21",0.68527,{"date":314,"score":40,"percentile":315},"2026-01-22",0.68537,{"date":317,"score":40,"percentile":318},"2026-01-23",0.68565,{"date":320,"score":40,"percentile":321},"2026-01-24",0.68577,{"date":323,"score":40,"percentile":324},"2026-01-25",0.68547,{"date":326,"score":40,"percentile":299},"2026-01-26",{"date":328,"score":40,"percentile":329},"2026-01-27",0.68543,{"date":331,"score":40,"percentile":332},"2026-01-28",0.68555,{"date":334,"score":40,"percentile":335},"2026-01-29",0.68556,{"date":337,"score":40,"percentile":338},"2026-01-30",0.68561,{"date":340,"score":40,"percentile":341},"2026-01-31",0.68567,{"date":343,"score":40,"percentile":344},"2026-02-01",0.68717,[346,355],{"source":44,"cvss_v2_0":347,"cvss_v3_0":352,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":348,"baseSeverity":9,"vectorString":349,"impactScore":350,"exploitabilityScore":351},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":42,"baseSeverity":353,"vectorString":45,"impactScore":354,"exploitabilityScore":351},"HIGH",6,{"source":51,"cvss_v2_0":9,"cvss_v3_0":356,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":42,"baseSeverity":9,"vectorString":45,"impactScore":354,"exploitabilityScore":351},[358,365,378,383],{"ecosystem":9,"name":359,"vendor":359,"product":359,"cpe_part":360,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":361},"keycloak","a",[362],{"version":363,"is_range":38,"range_type":364,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na","cpe",{"ecosystem":366,"name":367,"vendor":368,"product":369,"cpe_part":9,"purl_type":370,"purl_namespace":368,"purl_name":369,"source":9,"versions":371},"Maven","org.keycloak:keycloak-parent","org.keycloak","keycloak-parent","maven",[372],{"version":373,"is_range":374,"range_type":375,"version_start":9,"version_start_type":9,"version_end":376,"version_end_type":377,"fixed_in":9},"lt3_4_0",true,"ecosystem","3.4.0","excluding",{"ecosystem":9,"name":359,"vendor":379,"product":359,"cpe_part":360,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":380},"red hat, inc.",[381],{"version":376,"is_range":38,"range_type":50,"version_start":376,"version_start_type":382,"version_end":376,"version_end_type":382,"fixed_in":9},"including",{"ecosystem":9,"name":384,"vendor":385,"product":386,"cpe_part":360,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":387},"single sign on","redhat","single_sign_on",[388,390],{"version":389,"is_range":38,"range_type":364,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"version":391,"is_range":38,"range_type":364,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1"]