CVE-2020-1725
published 2021-01-28CVE-2020-1725: A flaw was found in keycloak before version 13.0.0. In some scenarios a user still has access to a resource after changing the role mappings in Keycloak and…
medium5.4CVSS 3.1
AVNACLPRLUINSUCLILAN
A flaw was found in keycloak before version 13.0.0. In some scenarios a user still has access to a resource after changing the role mappings in Keycloak and after expiration of the previous access token.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | keycloak | < 13.0.0 | 13.0.0 |
| redhat | keycloak | — | — |