Description
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
Remediation
References
https://access.redhat.com/security/cve/CVE-2023-0091
Related Vulnerabilities
CVE-2015-6524 Vulnerability in maven package org.apache.activemq:activemq-jaas
CVE-2023-36477 Vulnerability in maven package org.xwiki.contrib:application-ckeditor-ui
CVE-2015-7501 Vulnerability in maven package org.apache.commons:commons-collections4
CVE-2023-31125 Vulnerability in npm package engine.io
CVE-2023-48796 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-api