You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Session hijacking, DoS, XSS, Leak of LADP, Path traversal ... 😬
Unless you plan to actively maintaining your keycloak instance with regular updates,
it's only a matter of time before another critical vulnerability appears and your auth is hacked.
It's a good thing that RedHat are using it: https://access.redhat.com/products/red-hat-build-of-keycloak
Means that security-minded people have their eyes on it. 👀
But unless you have a system to automatically update and reboot your instance, it will get out-of-date fast!
The text was updated successfully, but these errors were encountered:
Someone asked the question on our call today: "why don't we just use
keycloakfor auth?"https://github.com/keycloak/keycloak
In a single word:
Securityhttps://github.com/keycloak/keycloak/security
Session hijacking,DoS,XSS, Leak of LADP, Path traversal ... 😬Unless you plan to actively maintaining your
keycloakinstance with regular updates,it's only a matter of time before another critical vulnerability appears and your auth is hacked.
It's a good thing that
RedHatare using it: https://access.redhat.com/products/red-hat-build-of-keycloakMeans that security-minded people have their eyes on it. 👀
But unless you have a system to automatically update and reboot your instance, it will get out-of-date fast!
The text was updated successfully, but these errors were encountered: