0.0004 Low
EPSS
Percentile
5.1%
It was discovered that keycloak-httpd-client-install uses a predictable log file name in /tmp. A local attacker could create a symbolic link to a sensitive location, possibly causing data corruption or denial of service.
bugzilla.redhat.com/show_bug.cgi?id=1511623