Red Hat advisory RHSA-2024:0804

(RHSA-2024:0804) Important: Red Hat Single Sign-On 7.6.7 security update

Published: Feb 13, 2024, 17:06 (source: access.redhat.com)

Tags: red hat single sign-on, keycloak project, security update, authentication, bug fixes, enhancements, cve-2023-6291, cve-2023-2976, cve-2023-26048, cve-2023-26049, cve-2023-6134, cve-2023-6927, cve-2023-44483, cve-2023-6484

CVSS score: 7.2 High
AI Score confidence: High
EPSS: 0.002 Low (percentile 56.6%)

Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.

This release of Red Hat Single Sign-On 7.6.7 serves as a replacement for Red Hat Single Sign-On 7.6.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

  • redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts (CVE-2023-6291)
  • guava: insecure temporary directory creation (CVE-2023-2976)
  • jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)
  • jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
  • reflected XSS via wildcard in OIDC redirect_uri (CVE-2023-6134)
  • open redirect via “form_post.jwt” JARM response mode (CVE-2023-6927)
  • santuario: Private Key disclosure in debug-log output (CVE-2023-44483)
  • Log Injection during WebAuthn authentication or registration (CVE-2023-6484)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.