Количество 3
Количество 3
CVE-2025-11538
A vulnerability exists in Keycloak's server distribution where enabling debug mode (--debug <port>) insecurely defaults to binding the Java Debug Wire Protocol (JDWP) port to all network interfaces (0.0.0.0). This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine.
CVE-2025-11538
A vulnerability exists in Keycloak's server distribution where enablin ...
GHSA-j4vq-q93m-4683
Keycloak has debug default bind address
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-11538 A vulnerability exists in Keycloak's server distribution where enabling debug mode (--debug <port>) insecurely defaults to binding the Java Debug Wire Protocol (JDWP) port to all network interfaces (0.0.0.0). This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine. | CVSS3: 6.8 | 0% Низкий | 3 месяца назад |
| CVE-2025-11538 A vulnerability exists in Keycloak's server distribution where enablin ... | CVSS3: 6.8 | 0% Низкий | 3 месяца назад |
| GHSA-j4vq-q93m-4683 Keycloak has debug default bind address | CVSS3: 6.8 | 0% Низкий | 2 месяца назад |
Уязвимостей на страницу