SB2025043036 - Multiple vulnerabilities in Red Hat build of Keycloak 26.0

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025043036

SB2025043036 - Multiple vulnerabilities in Red Hat build of Keycloak 26.0

Published: April 30, 2025

Security Bulletin ID SB2025043036
Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 86% Low 14%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Resource management error (CVE-ID: CVE-2025-2559)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when caching JWT tokens. If a client uses JWT tokens with an excessively long expiration time, for example, 24 or 48 hours, the cache can grow indefinitely leading to denial of service.


2) Improper validation of certificate with host mismatch (CVE-ID: CVE-2025-3501)

The vulnerability allows a remote attacker to bypass implemented security restrictions. 

The vulnerability exists due to an error in org.keycloak.protocol.services package, when setting a verification policy to "ALL", which causes the application to skip trust store certificate verification. A remote attacker can perform MitM attack.


3) Protection Mechanism Failure (CVE-ID: CVE-2025-3910)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to an error in the org.keycloak.authorization package. A remote user can disable two factor authentication imposed by the application.


4) Buffer overflow (CVE-ID: CVE-2025-0395)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when the assert() function fails. A remote attacker can trigger memory corruption and perform a denial of service (DoS) attack.


5) Improper input validation (CVE-ID: CVE-2025-21587)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


6) Improper input validation (CVE-ID: CVE-2025-30691)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Compiler component in Oracle Java SE. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


7) Improper input validation (CVE-ID: CVE-2025-30698)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the 2D component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


Remediation

Install update from vendor's website.

References