CVE-2025-3501

Опубликовано: 29 апр. 2025

Источник: debian

EPSS Низкий

Описание

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

Пакет	Статус	Версия исправления	Релиз	Тип
keycloak	itp			package

EPSS

Процентиль: 1%

0.00012

Низкий

CVE-2025-3501

CVSS3: 8.2

redhat

5 месяцев назад

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

CVE-2025-3501

CVSS3: 8.2

nvd

5 месяцев назад

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

GHSA-hw58-3793-42gg

CVSS3: 8.2

github

5 месяцев назад

Keycloak hostname verification

EPSS

Процентиль: 1%

0.00012

Низкий