{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T11:51:33.874","vulnerabilities":[{"cve":{"id":"CVE-2025-2559","sourceIdentifier":"secalert@redhat.com","published":"2025-03-25T09:15:17.047","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Keycloak. When the configuration uses JWT tokens for authentication, the tokens are cached until expiration. If a client uses JWT tokens with an excessively long expiration time, for example, 24 or 48 hours, the cache can grow indefinitely, leading to an OutOfMemoryError. This issue could result in a denial of service condition, preventing legitimate users from accessing the system."},{"lang":"es","value":"Se detectó una falla en Keycloak. Cuando la configuración utiliza tokens JWT para la autenticación, estos se almacenan en caché hasta su vencimiento. Si un cliente utiliza tokens JWT con un tiempo de vencimiento demasiado largo, por ejemplo, 24 o 48 horas, la caché puede crecer indefinidamente, lo que genera un error de memoria (OutOfMemoryError). Este problema podría generar una condición de denegación de servicio, impidiendo que los usuarios legítimos accedan al sistema."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:4335","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4336","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-2559","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2353868","source":"secalert@redhat.com"}]}}]}