Denial Of Service (DoS)

🗓️ 02 Dec 2025 05:22:25Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 3 Views

DoS in Keycloak Quarkus due to default TLS renegotiation enabling client requests to exhaust CPU.

Reporter	Title	Published	Views	Family All 23
Circl	CVE-2025-11419	23 Dec 202522:07	–	circl
CNNVD	Keycloak 安全漏洞	23 Dec 202500:00	–	cnnvd
CVE	CVE-2025-11419	23 Dec 202520:42	–	cve
Cvelist	CVE-2025-11419 Keycloak: keycloak tls client-initiated renegotiation denial of service	23 Dec 202520:42	–	cvelist
EUVD	EUVD-2025-36356	23 Dec 202520:42	–	euvd
Github Security Blog	Keycloak TLS Client-Initiated Renegotiation Denial of Service	27 Oct 202520:46	–	github
NVD	CVE-2025-11419	23 Dec 202521:15	–	nvd
OSV	GHSA-Q8HQ-4H99-FJ7X Keycloak TLS Client-Initiated Renegotiation Denial of Service	27 Oct 202520:46	–	osv
Positive Technologies	PT-2025-44075	27 Oct 202500:00	–	ptsecurity
RedHat Linux	Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.16 Images Update	16 Oct 202514:47	–	redhat

Vulners

Node

keycloak-quarkus-dist keycloak-quarkus-distRange17.0.0–26.0.15java

keycloak-quarkus-dist keycloak-quarkus-distRange26.1.0–26.2.9java

keycloak-quarkus-dist keycloak-quarkus-distRange26.3.0–26.4.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch17.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch17.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch18.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch18.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch18.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.1.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.1.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.1.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.6java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.7java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.6java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.6java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.7java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.8java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.5java

keycloak-quarkus-dist keycloak-quarkus-distRange17.0.0–26.0.15java

keycloak-quarkus-dist keycloak-quarkus-distRange26.1.0–26.2.9java

keycloak-quarkus-dist keycloak-quarkus-distRange26.3.0–26.4.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch17.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch17.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch18.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch18.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch18.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch19.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch20.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.1.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.1.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch21.1.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch22.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.6java

keycloak-quarkus-dist keycloak-quarkus-distMatch23.0.7java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch24.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch25.0.6java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.6java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.7java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.0.8java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.1.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.2.5java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.0java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.1java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.2java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.3java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.4java

keycloak-quarkus-dist keycloak-quarkus-distMatch26.3.5java

keycloak-quarkus-dist keycloak-quarkus-distRange17.0.0–26.0.8java

keycloak-quarkus-dist keycloak-quarkus-distRange26.1.0–26.2.5java

Source	Link
github	www.github.com/keycloak/keycloak/security/advisories/GHSA-q8hq-4h99-fj7x
github	www.github.com/keycloak/keycloak
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/security/cve/CVE-2025-11419
access	www.access.redhat.com/errata/RHSA-2025:18890
github	www.github.com/keycloak/keycloak/issues/43020
access	www.access.redhat.com/errata/RHSA-2025:18255
access	www.access.redhat.com/errata/RHSA-2025:18254
access	www.access.redhat.com/errata/RHSA-2025:18889
github	www.github.com/keycloak/keycloak/discussions/25209

24 Apr 2026 19:59Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.17.5

EPSS0.00105

SSVC