CVE-2017-2646: Loop with Unreachable Exit Condition (Infinite Loop)
When Keycloak receives a Logout request in the middle of the request, the SAMLSloRequestParser.parse()
method ends in an infinite loop. An attacker could use this flaw to conduct denial of service attacks.