CVE-2023-0091

Description

Keycloak has lack of validation of access token on client registrations endpoint

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg
• https://nvd.nist.gov/vuln/detail/CVE-2023-0091
• https://access.redhat.com/security/cve/CVE-2023-0091
• https://github.com/keycloak/keycloak