URL: https://nvd.nist.gov/vuln/detail/CVE-2025-13467

NVD - CVE-2025-13467


CVE-2025-13467 Detail

Not Scheduled

This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.

Description

A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm administrator to trigger deserialization of untrusted Java objects via a malicious LDAP server configuration.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://access.redhat.com/errata/RHSA-2025:22088 Red Hat, Inc.
https://access.redhat.com/errata/RHSA-2025:22089 Red Hat, Inc.
https://access.redhat.com/errata/RHSA-2025:22090 Red Hat, Inc.
https://access.redhat.com/errata/RHSA-2025:22091 Red Hat, Inc.
https://access.redhat.com/security/cve/CVE-2025-13467 Red Hat, Inc.
https://bugzilla.redhat.com/show_bug.cgi?id=2416038 Red Hat, Inc.
https://github.com/keycloak/keycloak/commit/754c070cf8ca187dcc71f0f72ff3130ff2195328 Red Hat, Inc.
https://github.com/keycloak/keycloak/issues/44478 Red Hat, Inc.

Weakness Enumeration

CWE-ID CWE Name Source
CWE-502 Deserialization of Untrusted Data Red Hat, Inc.

Change History

6 change records found

CVE Modified by CISA-ADP 6/17/2026 4:34:11 AM

Action Type Old Value New Value
Added SSVC
{"timestamp":"2025-11-25T16:28:07.106292Z","id":"CVE-2025-13467","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}


CVE Modified by Red Hat, Inc. 6/17/2026 4:34:11 AM

Action Type Old Value New Value
Added Affected (record truncated, showing 2048 of 2793 characters)
[{"vendor":"Keycloak","product":"Keycloak","defaultStatus":"unaffected","collectionURL":"https://github.com/keycloak/keycloak","packageName":"keycloak","versions":[{"version":"0","lessThan":"26.4.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat build of Keycloak 26.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhbk/keycloak-operator-bundle","cpes":["cpe:/a:redhat:build_keycloak:26.2::el9"],"versions":[{"version":"26.2.11-1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat build of Keycloak 26.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhbk/keycloak-rhel9","cpes":["cpe:/a:redhat:build_keycloak:26.2::el9"],"versions":[{"version":"26.2-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat build of Keycloak 26.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhbk/keycloak-rhel9-operator","cpes":["cpe:/a:redhat:build_keycloak:26.2::el9"],"versions":[{"version":"26.2-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat build of Keycloak 26.2.11","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"keycloak","cpes":["cpe:/a:redhat:build_keycloak:26.2::el9"]},{"vendor":"Red Hat","product":"Red Hat build of Keycloak 26.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhbk/keycloak-operator-bundle","cpes":["cpe:/a:redhat:build_keycloak:26.4::el9"],"versions":[{"version":"26.4.6-1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat build of Keycloak 26.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhbk/keycl

CVE Modified by Red Hat, Inc. 12/23/2025 4:15:47 PM

Action Type Old Value New Value
Added Reference
https://github.com/keycloak/keycloak/commit/754c070cf8ca187dcc71f0f72ff3130ff2195328


Added Reference
https://github.com/keycloak/keycloak/issues/44478


CVE Modified by Red Hat, Inc. 11/25/2025 5:15:46 PM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2025:22088


CVE Modified by Red Hat, Inc. 11/25/2025 12:15:49 PM

Action Type Old Value New Value
Added Reference
https://access.redhat.com/errata/RHSA-2025:22090


New CVE Received from Red Hat, Inc. 11/25/2025 11:16:06 AM

Action Type Old Value New Value
Added Description
A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm administrator to trigger deserialization of untrusted Java objects via a malicious LDAP server configuration.


Added CVSS V3.1
AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N


Added CWE
CWE-502


Added Reference
https://access.redhat.com/errata/RHSA-2025:22089


Added Reference
https://access.redhat.com/errata/RHSA-2025:22091


Added Reference
https://access.redhat.com/security/cve/CVE-2025-13467


Added Reference
https://bugzilla.redhat.com/show_bug.cgi?id=2416038


Quick Info

CVE Dictionary Entry:
CVE-2025-13467
NVD Published Date:
11/25/2025
NVD Last Modified:
06/17/2026
Source:
Red Hat, Inc.