Lucene search
RedhatCVELIST:CVE-2020-35509HistoryAug 23, 2022 - 3:53 p.m.
CVE-2020-35509
2022-08-2315:53:02
CWE-20
redhat
www.cve.org
5
keycloak
authentication
vulnerability
data confidentiality
integrity
A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity.
CNA Affected
[
{
"product": "keycloak",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "11.0.3, 12.0.0"
}
]
}
]Related
redhatcve
redhatcve
CVE-2020-35509
2021-01-04 13:00:29
osv
osv
Keycloak vulnerable to Improper Certificate Validation
2022-08-24 00:00:29
CVE-2020-35509
2022-08-23 16:15:08
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
archlinux
archlinux
[ASA-202106-53] keycloak: certificate verification bypass
2021-06-22 00:00:00
veracode
veracode
Improper Certificate Validation
2021-01-05 03:43:52
github
github
Keycloak vulnerable to Improper Certificate Validation
2022-08-24 00:00:29
nvd
nvd
CVE-2020-35509
2022-08-23 16:15:08
cve
cve
CVE-2020-35509
2022-08-23 16:15:08
nessus
nessus
redhat
redhat