GHSA-vhvq-jh34-3fc8 — Vulnetix

GHSA-vhvq-jh34-3fc8 REJECTED

Duplicate Advisory: Keycloak allows impersonation and lockout due to email trust not being handled correctly

Affected Products

Vendor	Product	Versions
Maven	org.keycloak:keycloak-core	0, 1.1.1.Final, 1.2.0.CR1

Timeline

Dec 6, 2024 CVE Rejected
Dec 6, 2024 CVE Updated
Mar 2, 2026 Security Advisory

References

https://nvd.nist.gov/vuln/detail/CVE-2023-0105 vendor-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2158910 url
https://github.com/keycloak/keycloak product
GitHub Advisory GHSA-vhvq-jh34-3fc8 vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-0105 url

Open in Interactive Console →

$ Console Community · 100/wk Open console ›