2 matches found
PT-2023-16006 · Keycloak +1 · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified
Description: A flaw was found in Keycloak where it did not properly check client tokens for possible revocation in its client credential flow. This allows an attacker to access or modify potentially...
PT-2021-11425 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak versions prior to 13.0.0
Description: A flaw was found in the client registration endpoint, allowing it to fetch information about PUBLIC clients, such as client secrets, without authentication. This could be an issue if the same...