CVE-2020-1725 log

Source
Severity Medium
Remote Yes
Type Authentication bypass
Description
A security issue was found in keycloak. In some scenarios a user still has access to a resource after changing the role mappings in Keycloak and after expiration of the previous access token.
Group Package Affected Fixed Severity Status Ticket
AVG-1332 keycloak 14.0.0-3 High Vulnerable
References
https://bugzilla.redhat.com/show_bug.cgi?id=1765129
https://issues.jboss.org/browse/KEYCLOAK-11145