CVE-2025-3501

Опубликовано: 29 апр. 2025

Источник: debian

EPSS Низкий

Описание

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

Пакет	Статус	Версия исправления	Релиз	Тип
keycloak	itp			package

EPSS

Процентиль: 4%

0.00019

Низкий

CVE-2025-3501

CVSS3: 8.2

redhat

8 месяцев назад

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

CVE-2025-3501

CVSS3: 8.2

nvd

8 месяцев назад

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

GHSA-hw58-3793-42gg

CVSS3: 8.2

github

8 месяцев назад

Keycloak hostname verification

EPSS

Процентиль: 4%

0.00019

Низкий