3 matches found
CVE-2025-10043
creationtimestamp| type| source ---|---|--- 2025-09-05 20:28:18+00:00| seen| Telegram/OOZmXb48tdgrab9kK0MYv3iXmzjwoBY8ETLGPKm1Lk4tg...
CVE-2025-10043
A path traversal validation flaw exists in Keycloak’s vault key handling on Windows. The previous fix for CVE-2024-10492 did not account for the Windows file separator \. As a result, a high-privilege administrator could probe for the existence of files outside the expected realm context through...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +219 more potentially affected by CVE-2024-10492 +1 more via org.keycloak:keycloak-services (>=10.0.0 <=9.0.3)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =0.1, =0.1, =1.0.1, =0.1, =1.0.1, =0.1, =1.2.0, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...