7 matches found
MiracleLinux 8 : resource-agents-4.9.0-54.el8_10.4 (AXSA:2024-8815:06)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8815:06 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects (CVE-2024-37891); pypa/setuptools: Remote code execution via...
DEBIAN-CVE-2025-61780
Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers such as Nginx. Specially crafted headers could cause Rack::Sendfile to...
CVE-2025-61780
CVE-2025-61780 (Rack) affects Rack, a modular Ruby web server interface. The IBM security bulletin and Debian advisories describe a vulnerability in Rack::Sendfile when used behind a proxy that supports x-accel-redirect/x-sendfile headers. By sending crafted headers, an attacker could cause Rack:...
GHSA-PCX7-8HXG-J823 Duplicate Advisory: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-jgwc-jh89-rpgq. This link is maintained to preserve external references. Original Description: A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service (DoS) attack...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.6 Update
New Red Hat build of Keycloak 26.0.6 packages with security impact Important are available from the Customer Portal. Red Hat build of Keycloak 26.0.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobi...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.6 Images Update
New images with security impact Important are available for Red Hat build of Keycloak 26.0.6 and Red Hat build of Keycloak 26.0.6 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 24.0.9 Update
New Red Hat build of Keycloak 24.0.9 packages with security impact Important are available from the Customer Portal. Red Hat build of Keycloak 24.0.9 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobi...