CVE-2025-21085 | Ping Identity PingFederate up to 11.3.12/12.0.8/12.1.8/12.2.3 OAuth2 duplicate key in associative list

Inserito da Angelo Barbosa | Giu 15, 2025 | CVE

A vulnerability was found in Ping Identity PingFederate up to 11.3.12/12.0.8/12.1.8/12.2.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component OAuth2. The manipulation leads to duplicate key in associative list.

This vulnerability is handled as CVE-2025-21085. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-21085 | Ping Identity PingFederate up to 11.3.12/12.0.8/12.1.8/12.2.3 OAuth2 duplicate key in associative list

Post correlati

CVE-2024-6775 | Google Chrome up to 126.0.6478.126 Media Stream use after free (ID 347373)

CVE-2024-27919 | Envoy HTTP/2 resource consumption

CVE-2025-22689 | Levan Tarbor Forex Calculators Plugin up to 1.3.6 on WordPress cross site scripting

CVE-2024-23850 | Linux Kernel up to 6.7.1 fs/btrfs/disk-io.c btrfs_get_root_ref assertion