19 matches found
CVE-2026-9704 Keycloak: keycloak: privilege escalation due to oversized subject_token jwt
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subjecttoken JSON Web Token JWT to the TokenEndpoint. When the token exceeds a 4000-character limit, it is silently dropped, causing the system to fall back to client...
EUVD-2026-32300
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subjecttoken JSON Web Token JWT to the TokenEndpoint. When the token exceeds a 4000-character limit, it is silently dropped, causing the system to fall back to client...
CVE-2026-9704
Summary: CVE-2026-9704 affects Keycloak. An authenticated user with low privileges can trigger privilege escalation by sending an oversized subject_token JWT to the TokenEndpoint; if the token exceeds 4000 characters, it is silently dropped, causing the system to fall back to client credentials a...
CVE-2026-9704
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subjecttoken JSON Web Token JWT to the TokenEndpoint. When the token exceeds a 4000-character limit, it is silently dropped, causing the system to fall back to client...
Improper Validation of Specified Quantity in Input
Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the TokenEndpoint endpoint when an oversized subjecttok...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak itself. There is a security vulnerability in Keycloak. This vulnerability arises when authenticated low-privilege users can send excessively large SubjectToken JWT tokens to the TokenEndpoint. When the token...
CVE-2026-31696
Summary (CVE-2026-31696) : In the Linux kernel’s rxrpc code, the non-XDR key parsing path (rxrpc_preparse()) lacked a validation check for ticket length, unlike the XDR path. This allowed an unprivileged user to supply a very large ticket length, causing the computed total token size (toksize) to...
CVE-2025-65015 joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In versions from 1.3.3 to before 1.3.5 and from 1.4.0 to before 1.4.2, the ExceededSizeError exception messages are embedded with non-decoded JWT token parts and may cause...
EUVD-2025-29016
Malicious code in bioql PyPI...
CVE-2025-10094 Improper Validation of Specified Quantity in Input in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large...
GitLab 10.7 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-10094)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability in GitLab Enterprise Edition EE and GitLab Community Edition ...
CVE-2025-58447
rAthena is an open-source cross-platform massively multiplayer online role playing game MMORPG server. Versions prior to commit 2f5248b have a heap-based buffer overflow in the login server, remote attacker to overwrite adjacent session fields by sending a crafted CASSOLOGINREQ with an oversized...
CVE-2025-58447 rAthena has heap-based buffer overflow in login server
rAthena is an open-source cross-platform massively multiplayer online role playing game MMORPG server. Versions prior to commit 2f5248b have a heap-based buffer overflow in the login server, remote attacker to overwrite adjacent session fields by sending a crafted CASSOLOGINREQ with an oversized...
CVE-2025-58447 rAthena has heap-based buffer overflow in login server
rAthena is an open-source cross-platform massively multiplayer online role playing game MMORPG server. Versions prior to commit 2f5248b have a heap-based buffer overflow in the login server, remote attacker to overwrite adjacent session fields by sending a crafted CASSOLOGINREQ with an oversized...
CVE-2025-58447 rAthena has heap-based buffer overflow in login server
rAthena is an open-source cross-platform massively multiplayer online role playing game MMORPG server. Versions prior to commit 2f5248b have a heap-based buffer overflow in the login server, remote attacker to overwrite adjacent session fields by sending a crafted CASSOLOGINREQ with an oversized...
PT-2025-36991
Name of the Vulnerable Software and Affected Versions: rAthena versions prior to commit 2f5248b Description: rAthena is an open-source cross-platform massively multiplayer online role playing game MMORPG server. A heap-based buffer overflow exists in the login server. Sending a crafted CA SSO LOG...
OESA-2024-2444 python-jwcrypto security update
Implements JWK, JWS, JWE specifications with python-cryptography Security Fixes: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression...
DEBIAN-CVE-2013-0270
A flaw was found in OpenStack Keystone. A remote attacker could exploit this vulnerability by sending a large HTTP request, specifically by providing a long tenant name when requesting a token. This could lead to a denial of service, consuming excessive CPU and memory resources on the affected...