CNNVD-202601-1565 Information
Jan 08, 2026
cve
CNNVD ID
CNNVD-202601-1565
Related CVE
- CNNVD Published: 2026-01-08
Description (Chinese)
Keycloak是Keycloak开源的一种开源身份和访问管理解决方案。 Keycloak存在安全漏洞,该漏洞源于Authorization标头解析器对Bearer认证方案格式过于宽松,可能导致非标准字符被接受。
Description (English)
Keycloak is an open-source identity and access management solution for Keycloak. There is a security loophole in Keycloak, which stems from the fact that the Authorization Catalyst is too loose for the Bearer authentication program, which may lead to the acceptance of non-standard characters.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Keycloak
Published
2026-01-08
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2026-0707 https://bugzilla.redhat.com/show_bug.cgi?id=2427768
Patch
https://www.keycloak.org/downloads
Share on: