EUVD-2025-0239

Malicious code in bioql PyPI...

Keycloak 25.0.x < 26.0.6 Information Disclosure (GHSA-6mpx-pmgp-ww49)

Keycloak versions installed prior to 26.0.6 are affected by an information disclosure vulnerability as referenced in the advisory. - A vulnerability was found in Keycloak. The environment option KCCACHEEMBEDDEDMTLSENABLED does not work and the JGroups replication configuration is always used in...

CVE-2024-10973 Keycloak: cli option for encrypted jgroups ignored

A vulnerability was found in Keycloak. The environment option KCCACHEEMBEDDEDMTLSENABLED does not work and the JGroups replication configuration is always used in plain text which can allow an attacker that has access to adjacent networks related to JGroups to read sensitive information...

CVE-2024-10973

Keycloak vulnerability CVE-2024-10973: the KC_CACHE_EMBEDDED_MTLS_ENABLED environment option does not work and JGroups replication is used in plain text, allowing an attacker on adjacent networks to read sensitive information. The issue affects Keycloak deployments relying on this configuration; ...

Red Hat Keycloak 安全漏洞

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Red Hat Keycloak that stems from the environment option not working and the JGroups replication configuratio...