6 matches found
CVE-2024-10492 vulnerabilities
Vulnerabilities for packages: keycloak...
No title provided
A path traversal validation flaw exists in Keycloak’s vault key handling on Windows. The previous fix for CVE-2024-10492 did not account for the Windows file separator (\). As a result, a high-privilege administrator could probe for the existence of files outside the expected realm context through...
CVE-2025-10043
CVE-2025-10043 is rejected/not used as stated; not an active vulnerability entry.
de.arbeitsagentur.opdt:keycloak-cassandra-model-tests (>=2.5.6-24.0 <=4.0.5-25.0), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +8 more potentially affected by CVE-2024-10492 via org.keycloak:keycloak-quarkus-server (>=12.0.0 <=26.0.5)
org.keycloak:keycloak-quarkus-server MAVEN version =12.0.0, =2.5.6-24.0, =0.1.0, =15.1.0, =15.1.0, =21.1.0, =26.0.0, =15.1.0, =12.0.0, =12.0.0, =26.0.0, =26.0.5 Source cves: CVE-2024-10492 Source advisory: OSV:GHSA-5545-R4HG-RJ4M...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 24.0.9 Update
New Red Hat build of Keycloak 24.0.9 packages with security impact Important are available from the Customer Portal. Red Hat build of Keycloak 24.0.9 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobi...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 24.0.9 Images Update
New images with security impact Important are available for Red Hat build of Keycloak 24.0.9 and Red Hat build of Keycloak 24.0.9 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift...