CVE-2020-35509
published 2022-08-23CVE-2020-35509: A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of…
medium5.4CVSS 3.1
AVNACLPRLUINSUCLILAN
A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | keycloak | — | — |
| redhat | keycloak | — | — |
| redhat | keycloak | — | — |