CVE-2025-11419: Allocation of Resources Without Limits or Throttling
A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable.
CVE-2025-11419: Allocation of Resources Without Limits or Throttling
Description
A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2025-10-07T11:19:18.134Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 694aff404eddf7475af4bf8b
Added to database: 12/23/2025, 8:44:48 PM
Last updated: 12/23/2025, 8:45:31 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-15044: Stack-based Buffer Overflow in Tenda WH450
CriticalCVE-2025-65354: n/a
CriticalCVE-2023-53982: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Sigb PMB
CriticalCVE-2025-10863
UnknownCVE-2025-25364: n/a
HighActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.