CVE-2022-1970
CVE-2022-1970 is a security vulnerability that is still awaiting full analysis and scoring.
Key facts
- Actively exploited: Not listed in CISA KEV
- Published:
- Last modified:
Description
Rejected reason: The originally reported issue in https://github.com/syedsohaibkarim/OpenRedirect-Keycloak18.0.0 is a known misconfiguration, and recommendation already exists in the Keycloak documentation to mitigate the issue: https://www.keycloak.org/docs/latest/server_admin/index.html#open-redirectors.
Frequently asked questions
- What is CVE-2022-1970?
- Rejected reason: The originally reported issue in https://github.com/syedsohaibkarim/OpenRedirect-Keycloak18.0.0 is a known misconfiguration, and recommendation already exists in the Keycloak documentation to mitigate the issue: https://www.keycloak.org/docs/latest/server_admin/index.html#open-redirectors.
- Is CVE-2022-1970 being actively exploited?
- It is not currently listed in CISA's Known Exploited Vulnerabilities catalog, and no EPSS exploit-prediction score is available yet.
- How do I fix CVE-2022-1970?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2022-1970 published?
- CVE-2022-1970 was published on 2022-10-19 and last updated on 2024-05-29.