It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly. An attacker could use this flaw to bypass authentication and gain access to restricted information, or to possibly conduct further attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
keycloak keycloak-nodejs-auth-utils 2.5.2 |
||
keycloak keycloak-nodejs-auth-utils 2.5.3 |
||
keycloak keycloak-nodejs-auth-utils 2.5.4 |
||
keycloak keycloak-nodejs-auth-utils 2.5.0 |
||
keycloak keycloak-nodejs-auth-utils 2.5.7 |
||
keycloak keycloak-nodejs-auth-utils 3.0.0 |
||
keycloak keycloak-nodejs-auth-utils 2.5.1 |
||
keycloak keycloak-nodejs-auth-utils 2.5.5 |
||
keycloak keycloak-nodejs-auth-utils 2.5.6 |