PT-2025-12782 · Red Hat · Keycloak

Published

2025-03-25

Updated

2026-05-06

CVE-2025-2559

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Keycloak (affected versions not specified)

Description A flaw was found in the system when the configuration uses JWT tokens for authentication. The tokens are cached until expiration, and if a client uses JWT tokens with an excessively long expiration time, the cache can grow indefinitely, leading to an OutOfMemoryError. This issue could result in a denial of service condition, preventing legitimate users from accessing the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2025-2559

GHSA-2935-2WFM-HHPV

Affected Products

Keycloak

PT-2025-12782 · Red Hat · Keycloak

CVE-2025-2559

Weakness Enumeration

Related Identifiers

Affected Products

References · 14