{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-10043", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "REJECTED", "assignerShortName": "redhat", "dateReserved": "2025-09-05T18:12:23.630Z", "datePublished": "2025-09-05T20:06:14.915Z", "dateUpdated": "2025-10-09T01:45:58.716Z", "dateRejected": "2025-10-09T01:45:58.716Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "Considered by the maintainers a bug scenario experienced rather than a vulnerability."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-10-09T01:45:58.716Z"}}}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-10043", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "REJECTED", "assignerShortName": "redhat", "dateReserved": "2025-09-05T18:12:23.630Z", "datePublished": "2025-09-05T20:06:14.915Z", "dateUpdated": "2025-10-09T01:45:58.716Z", "dateRejected": "2025-10-09T01:45:58.716Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "Considered by the maintainers a bug scenario experienced rather than a vulnerability."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-10-09T01:45:58.716Z"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: Considered by the maintainers a bug scenario experienced rather than a vulnerability."}], "id": "CVE-2025-10043", "lastModified": "2025-10-09T02:15:40.607", "metrics": {}, "published": "2025-09-05T20:15:34.220", "references": [], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "keycloak: Incomplete fix of CVE-2024-10492", "id": "2393549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393549"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-73", "details": ["A path traversal validation flaw exists in Keycloak\u2019s vault key handling on Windows. The previous fix for CVE-2024-10492 did not account for the Windows file separator (\\). As a result, a high-privilege administrator could probe for the existence of files outside the expected realm context through crafted vault secret lookups. This is a platform-specific variant/incomplete fix of CVE-2024-10492."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-10043", "package_state": [{"cpe": "cpe:/a:redhat:build_keycloak:", "fix_state": "Affected", "package_name": "keycloak-vault", "product_name": "Red Hat Build of Keycloak"}], "public_date": "2025-09-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-10043\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-10043"], "threat_severity": "Low"}