Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN681
_____________________________________________________________________

DATE                : 09/10/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running org.keycloak:keycloak-model-storage-service
                            versions prior to 26.2.9, 26.3.4.

=====================================================================
https://github.com/keycloak/keycloak/security/advisories/GHSA-8hxp-qmph-w5gq
_____________________________________________________________________


Variable resolution on imports can expose environment variables
Moderate
rmartinc published GHSA-8hxp-qmph-w5gq Oct 8, 2025

Package
org.keycloak:keycloak-model-storage-service (Maven)

Affected versions
<26.2.9, <26.3.4

Patched versions
26.2.9, 26.3.4


Description

A flaw was found in org.keycloak/keycloak-model-storage-service. The
KeycloakRealmImport custom resource substitutes placeholders within
imported realm documents, potentially referencing environment
variables. This substitution process allows for injection attacks
when crafted realm documents are processed. An attacker can leverage
this to inject malicious content during the realm import procedure.
This can lead to unintended consequences within the Keycloak
environment.


Severity
Moderate
4.9/ 10

CVSS v3 base metrics
Attack vector
Network
Attack complexity
Low
Privileges required
High
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVE ID
CVE-2025-9162

Weaknesses
Weakness CWE-526 


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================