CVE-2023-2585: A Deep Dive into Keycloak's Device Authorization Grant Vulnerability and How to Exploit It
CVE-2023-2585 is a significant security vulnerability recently discovered in Keycloak, a widely used open-source identity and access management (IAM) solution. Keycloak's device authorization grant
CVE-2023-3223 – OutOfMemoryError Vulnerability in Undertow Servlets with @MultipartConfig Annotation, Allowing Remote DoS Attack
A new vulnerability (CVE-2023-3223) has been discovered in Undertow, the lightweight Java-based web server and servlet container. Specifically, this flaw affects servlets annotated with @MultipartConfig,