CVE-2025-13467

Publication date

2025-11-25 16:02:21

Family

redhat

State

PUBLISHED

Description

A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm administrator to trigger deserialization of untrusted Java objects via a malicious LDAP server configuration.