5 matches found
CVE-2023-0657 vulnerabilities
Vulnerabilities for packages: keycloak-fips, keycloak...
CVE-2023-0657 vulnerabilities
Vulnerabilities for packages: keycloak...
CVE-2023-0657
creationtimestamp| type| source ---|---|--- 2024-11-17 10:25:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113497810108556154 2024-11-17 12:56:57+00:00| seen| https://t.me/cvedetector/11257...
CVE-2023-0657
The CVE-2023-0657 entries concern Keycloak, where a flaw is described as improper enforcement of token types when validating signatures locally. This could let an authenticated attacker exchange a logout token for an access token, potentially accessing data outside of enforced permissions. The co...
com.charlyghislain.keycloak:keycloak-importexport (=21.0.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +79 more potentially affected by CVE-2023-0657 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=22.0.1)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.0.1, =1.3.2, =1.3.6 - io.github.jeff-tian:keycloak-phone-provider =2.3.10 and more Source cves: CVE-2023-0657 Source advisor...