CNNVD-202601-3017 Information

CNNVD ID

CNNVD-202601-3017

Related CVE

CVE-2026-1190

• CNNVD Published: 2026-01-19

Description (Chinese)

Keycloak是Keycloak开源的一种开源身份和访问管理解决方案。 Keycloak存在安全漏洞，该漏洞源于未检查SubjectConfirmationData中的NotOnOrAfter，可能导致响应延迟。

Description (English)

Keycloak is an open-source identity and access management solution for Keycloak. There is a security loophole in Keycloak, which originates from the failure to check NotOnOrAfter in the SubjectConfirrationData, which may have delayed response.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Keycloak

Published

2026-01-19

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2026-1190 https://bugzilla.redhat.com/show_bug.cgi?id=2430835 https://access.redhat.com/security/cve/cve-2026-1190