Maven package
org.apache.camel/camel-keycloak
pkg:maven/org.apache.camel/camel-keycloak
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-23552 | — | >= 4.15.0, < 4.18.0 | 4.18.0 | Feb 23, 2026 | Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycloak component. The Camel-Keycloak KeycloakSecurityPolicy does not validate the iss (issuer) claim of JWT tokens against the configured realm. A token issued by one Keycloak realm is silently accepte |
- CVE-2026-23552Feb 23, 2026affected >= 4.15.0, < 4.18.0fixed 4.18.0
Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycloak component. The Camel-Keycloak KeycloakSecurityPolicy does not validate the iss (issuer) claim of JWT tokens against the configured realm. A token issued by one Keycloak realm is silently accepte