VDB
CVE-2025-3501
CVE-2025-3501
PUBLISHED
Keycloak ermöglicht Single Sign-On mit Identity and Access Management für moderne Anwendungen und Dienste.
EPSS 0.09% · 26.0th percentile
Risk Scores
EPSS Score
0.09%
26.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux build of Keycloak <26.0.11 | |
| Open Source | Open Source Keycloak <26.2.2 | |
| Hitachi | Hitachi Ops Center | |
| Red Hat | Red Hat Enterprise Linux |
Exploit Intelligence
- CIRCL seen: CVE-2025-3501 (circl-sighting)
- CIRCL seen: CVE-2025-3501 (circl-sighting)
- CIRCL seen: CVE-2025-3501 (circl-sighting)
- CIRCL seen: CVE-2025-3501 (circl-sighting)
- CIRCL seen: CVE-2025-3501 (circl-sighting)
- RHSA-2025:8690 (circl)
- https://github.com/keycloak/keycloak/issues/39350 (circl)
- https://github.com/keycloak/keycloak/pull/39366 (circl)
- RHBZ#2358834 (circl)
- https://access.redhat.com/security/cve/CVE-2025-3501 (circl)
…and 3 more exploits
Timeline
- Apr 29, 2025 CVE Published
- Apr 29, 2025 PoC Published
- Apr 29, 2025 PoC Published
- Apr 29, 2025 PoC Published
- Apr 29, 2025 PoC Published
- Apr 30, 2025 EPSS Score
- Apr 30, 2025 PoC Published
- May 12, 2025 EPSS Score
- May 24, 2025 EPSS Score
- Jun 5, 2025 EPSS Score
- Jun 17, 2025 EPSS Score
- Jun 21, 2025 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0908.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0908 advisory
- https://github.com/advisories/GHSA-r934-w73g-v4p8 advisory
- https://github.com/advisories/GHSA-fx44-2wx5-5fvp advisory
- https://access.redhat.com/errata/RHSA-2025:4335 advisory
- https://access.redhat.com/errata/RHSA-2025:4336 advisory
- https://www.keycloak.org/2025/04/keycloak-2622-released advisory
- https://access.redhat.com/errata/RHSA-2025:8672 advisory
- https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-127/index.html advisory