Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12660

Malicious code in bioql PyPI...

8.2CVSS7.9AI score0.00385EPSS
Exploits0References10
Veracode
Veracode
added 2025/05/08 7:13 a.m.8 views

Improper Certificate Validation

org.keycloak:keycloak-services is vulnerable to Improper Certificate Validation. The vulnerability is due to insecure default configuration due to setting the verification policy to 'ALL', which unintentionally skips trust store certificate verification...

8.2CVSS6.6AI score0.00385EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2025/04/29 9:15 p.m.20 views

CVE-2025-3501

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended...

8.2CVSS0.00385EPSS
Exploits0References8
CVE
CVE
added 2025/04/29 8:45 p.m.256 views

CVE-2025-3501

CVE-2025-3501 affects Keycloak. A trust-store verification bypass occurs when the verification policy is set to ALL, causing the trust store certificate check to be skipped. Related data (GHSA-HW58-3793-42GG) shows a similar trust-verification bypass in Keycloak (hostname verification), illustrat...

8.2CVSS8.1AI score0.00385EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/04/29 8:43 p.m.16 views

CVE-2025-3501

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended. Mitigation Use the correct TLS configuration and avoid using "--tls-hostname-verifier=any"...

8.2CVSS8AI score0.00385EPSS
Exploits0References3
Rows per page
Query Builder