Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/06/10 5:38 p.m.6 views

org.keycloak/keycloak-services: keycloak: org.keycloak.protocol.oidc: Security flaw in org.keycloak/keycloak-services

A flaw was found in Keycloak. When both realm-level and client-level notBefore revocation policies are configured, Keycloak's OpenID Connect OIDC Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain active, potentially...

5.4CVSS5.4AI score0.00281EPSS
Exploits0References4
OSV
OSV
added 2026/05/19 9:31 a.m.7 views

GHSA-83C4-FFJP-MXP9 Keycloak: Revoked Tokens Can Remain Active When Both Realm-Level and Client-Level `notBefore` Revocation Policies are Configured

A flaw was found in Keycloak. When both realm-level and client-level notBefore revocation policies are configured, Keycloak's OpenID Connect OIDC Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain active, potentially...

5.4CVSS5.8AI score0.00281EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2026/05/19 9:31 a.m.10 views

Keycloak: Revoked Tokens Can Remain Active When Both Realm-Level and Client-Level `notBefore` Revocation Policies are Configured

A flaw was found in Keycloak. When both realm-level and client-level notBefore revocation policies are configured, Keycloak's OpenID Connect OIDC Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain active, potentially...

5.4CVSS5.8AI score0.00281EPSS
Exploits0References12Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 6:27 a.m.10 views

CVE-2026-8922

A flaw was found in Keycloak. When both realm-level and client-level notBefore revocation policies are configured, Keycloak's OpenID Connect OIDC Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain active, potentially...

5.4CVSS5.8AI score0.00281EPSS
Exploits0References7
Rows per page
Query Builder