
Guanping Zhang

Rank: #18639 of 53,633
Total CVSS: 14.4
Vulnerabilities: 2 (Critical: 1, Medium: 1)
PT-2026-48846 · CVSS 9.1 · 2026-06-12
Apache · Apache Cxf · CVE-2026-50627

**Name of the Vulnerable Software and Affected Versions**
Apache CXF versions prior to 4.2.2
Apache CXF versions prior to 4.1.7

**Description**
The `JwtAccessTokenValidator` class fails to validate the `aud` (Audience) claim of incoming JWT access tokens. This flaw enables a JWT issued for one Resource Server to be replayed against a different Resource Server, resulting in token confusion or token routing attacks.

**Recommendations**
Upgrade to version 4.2.2.
Upgrade to version 4.1.7.
PT-2026-1976 · CVSS 5.3 · 2026-01-08
Red Hat · Keycloak · CVE-2026-0707

**Name of the Vulnerable Software and Affected Versions**
Keycloak (affected versions not specified)

**Description**
The Keycloak Authorization header parser is overly permissive regarding the formatting of the "Bearer" authentication scheme. It accepts non-standard characters, such as tabs, as separators and tolerates case variations that deviate from the RFC 6750 specification. This could potentially lead to a security control bypass.

**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.