CVE-2025-48374 – Zot Keycloak Client Secret Disclosure

May 22, 2025

CVE ID : CVE-2025-48374

Published : May 22, 2025, 9:15 p.m. | 1 hour, 36 minutes ago

Description : zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. Prior to version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f), when using Keycloak as an oidc provider, the clientsecret gets printed into the container stdout logs for an example at container startup. Version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f) fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47181 – Microsoft Edge Link Following Privilege Escalation Vulnerability

Next Article CVE-2025-48373 – Schule Client-Side Role Hijacking Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

DOOM: The Dark Ages rendered at 360p is proof if ever it were needed that DLSS 4 is pure witchcraft

This mini PC can do everything from work to cloud gaming — It’s currently at a low price for Memorial Day

Resident Evil 9 leak says it was an open-world multiplayer game at first, so I’m glad it allegedly got “a pretty heavy reboot”

I actually managed to sleep through three crying babies on my last flight thanks to these Sony ANC headphones — They’re currently $120 off while this deal lasts

A timeline of JavaScript’s history

A timeline of JavaScript’s history

Loading JSON Data into Snowflake From Local Directory

Streamline Conditional Logic with Laravel’s Fluent Conditionable Trait

DOOM: The Dark Ages rendered at 360p is proof if ever it were needed that DLSS 4 is pure witchcraft

DOOM: The Dark Ages rendered at 360p is proof if ever it were needed that DLSS 4 is pure witchcraft

This mini PC can do everything from work to cloud gaming — It’s currently at a low price for Memorial Day

Resident Evil 9 leak says it was an open-world multiplayer game at first, so I’m glad it allegedly got “a pretty heavy reboot”

CVE-2025-48374 – Zot Keycloak Client Secret Disclosure

ESET takes part in global operation to disrupt Lumma Stealer

Lumma Stealer: Down for the count

Fireworks AI und MongoDB: Die schnellsten KI-Apps mit den besten Modellen, angetrieben von Ihren Daten

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware

DistroWatch Weekly, Issue 1106

Retail Insights With MongoDB: Shoptalk Fall

This MagSafe accessory lets you use iOS 18’s most underrated feature before it’s released

CVE-2025-32756 – Fortinet FortiVoice Buffer Overflow Vulnerability

Meta AI Presents MA-LMM: Memory-Augmented Large Multimodal Model for Long-Term Video Understanding

git-filter-repo â€“ quickly rewrite git repository history

CVE-2025-48374 – Zot Keycloak Client Secret Disclosure

Related Posts