keycloak: X509 Direct Grant Auth does not verify certificate timestamp validity

A flaw was found in keycloak. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity...

Red Hat Keycloak Trust Management Issues Vulnerability

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A trust management issue vulnerability exists in Red Hat Keycloak that does not validate the timestamp validity of certificates...