17 matches found
EUVD-2024-1253
Malicious code in bioql PyPI...
CVE-2024-2419
A flaw was found in Keycloak's redirecturi validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291...
CVE-2024-2419 Keycloak: path traversal in the redirect validation
A flaw was found in Keycloak's redirecturi validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update
A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 7
New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 8
New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 for OpenShift image enhancement update
A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
CVE-2023-6291
Technical details about CVE-2023-6291 are not publicly available in the provided documents. Monitor for updates from Red Hat/Keycloak advisories for affected products, versions, and patches.
CVE-2023-6291 Keycloak: redirect_uri validation bypass
A flaw was found in the redirecturi validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users...
RHEL 9 : Red Hat Single Sign-On 7.6.6 security update on RHEL 9 (Important) (RHSA-2023:7855)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7855 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
RHEL 7 : Red Hat Single Sign-On 7.6.6 security update on RHEL 7 (Important) (RHSA-2023:7854)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7854 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
RHEL 8 : Red Hat Single Sign-On 7.6.6 security update on RHEL 8 (Important) (RHSA-2023:7856)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7856 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 22.0.7 images enhancement and security update
A security update is now available for Red Hat build of Keycloak 22.0.7 images running on OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 for OpenShift image enhancement and security update
A new image is available for Red Hat Single Sign-On 7.6.6, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 22.0.7 enhancement and security update
Red Hat build of Keycloak 22.0.7 is now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 security update on RHEL 8
New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 security update on RHEL 9
New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...