5 matches found
GHSA-72J4-94RX-CR6W Incorrect Permission Assignment for Critical Resource and Permissive List of Allowed Inputs in Keycloak
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...
Incorrect Permission Assignment for Critical Resource and Permissive List of Allowed Inputs in Keycloak
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...
CVE-2020-1694
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...
keycloak: verify-token-audience support is missing in the NodeJS adapter
A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...
CVE-2020-1694
A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...