2 matches found
EUVD-2025-203501
A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...
com.sap.cloud.security:resourceserver-security-spring-boot-starter (>=0.1.0 <=2.16.0) potentially affected by CVE-2023-50422 +1 more via com.sap.cloud.security:spring-security (>=0.1.0 <=2.16.0)
com.sap.cloud.security:spring-security MAVEN
version =0.1.0, =0.1.0, =2.16.0
Source CVEs: CVE-2023-50422, CVE-2023-50424
Source advisory: OSV:GHSA-59C9-PXQ8-9C73...