VYPR
High severity8.2GHSA Advisory· Published Apr 29, 2025· Updated Apr 15, 2026

CVE-2025-3501

CVE-2025-3501

Description

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.keycloak:keycloak-servicesMaven
< 26.2.226.2.2

Affected products

8

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.