Lucene search
K

4 matches found

OSV
OSV
added 2025/10/08 11:32 p.m.2 views

GHSA-8HXP-QMPH-W5GQ Keycloak Potential Variable Reference in Model Storage Services

A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are...

4.9CVSS5.8AI score0.0046EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2025/10/08 11:32 p.m.8 views

Keycloak Potential Variable Reference in Model Storage Services

A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are...

4.9CVSS6.9AI score0.0046EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2025/08/21 3:40 p.m.7 views

CVE-2025-9162 Org.keycloak/keycloak-model-storage-service: variable injection into environment variables

A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are...

4.9CVSS0.0046EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.4 views

PT-2025-34237

Name of the Vulnerable Software and Affected Versions: org.keycloak/keycloak-model-storage-service affected versions not specified Description: A flaw exists in the KeycloakRealmImport custom resource, which substitutes placeholders within imported realm documents, referencing environment...

4.9CVSS4.2AI score0.0046EPSS
Exploits0References19
Rows per page
Query Builder