Количество 4
Количество 4
CVE-2023-0657
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.
CVE-2023-0657
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.
CVE-2023-0657
A flaw was found in Keycloak. This issue occurs due to improperly enfo ...
GHSA-7fpj-9hr8-28vh
Keycloak vulnerable to impersonation via logout token exchange
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-0657 A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions. | CVSS3: 3.4 | 0% Низкий | почти 2 года назад |
 | CVE-2023-0657 A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions. | CVSS3: 3.4 | 0% Низкий | около 1 года назад |
| CVE-2023-0657 A flaw was found in Keycloak. This issue occurs due to improperly enfo ... | CVSS3: 3.4 | 0% Низкий | около 1 года назад |
| GHSA-7fpj-9hr8-28vh Keycloak vulnerable to impersonation via logout token exchange | CVSS3: 3.4 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу