rhsa-2024_1864
Vulnerability from csaf_redhat
Published
2024-04-16 19:54
Modified
2024-11-07 14:23
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.8 for OpenShift image enhancement and security update

Notes

Topic
A new image is available for Red Hat Single Sign-On 7.6.8, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. This is an enhancement and security update with Important impact rating and package name 'rh-sso7-keycloak'. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. Security Fix(es): * Authorization Bypass (CVE-2023-6544) * Log Injection during WebAuthn authentication or registration (CVE-2023-6484) * path transversal in redirection validation (CVE-2024-1132) * unvalidated cross-origin messages in checkLoginIframe leads to DDoS (CVE-2024-1249) * undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol (CVE-2024-1635) This erratum releases a new image for Red Hat Single Sign-On 7.6.8 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A new image is available for Red Hat Single Sign-On 7.6.8, running on OpenShift Container Platform 3.10 and 3.11, and 4.3.\n\nThis is an enhancement and security update with Important impact rating and\npackage name \u0027rh-sso7-keycloak\u0027. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Single Sign-On is an integrated sign-on solution, available as a\nRed Hat JBoss Middleware for OpenShift containerized image. The Red Hat\nSingle Sign-On for OpenShift image provides an authentication server that\nyou can use to log in centrally, log out, and register. You can also manage\nuser accounts for web applications, mobile applications, and RESTful web\nservices.\n\nSecurity Fix(es):\n\n* Authorization Bypass (CVE-2023-6544)\n* Log Injection during WebAuthn authentication or registration (CVE-2023-6484)\n* path transversal in redirection validation (CVE-2024-1132)\n* unvalidated cross-origin messages in checkLoginIframe leads to DDoS (CVE-2024-1249)\n* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol (CVE-2024-1635)\n\nThis erratum releases a new image for Red Hat Single Sign-On 7.6.8 for\nuse within the OpenShift Container Platform 3.10, OpenShift Container Platform\n3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:1864",
        "url": "https://access.redhat.com/errata/RHSA-2024:1864"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2248423",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248423"
      },
      {
        "category": "external",
        "summary": "2253116",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253116"
      },
      {
        "category": "external",
        "summary": "2262117",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262117"
      },
      {
        "category": "external",
        "summary": "2262918",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262918"
      },
      {
        "category": "external",
        "summary": "2264928",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1864.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.8 for OpenShift image enhancement and security update",
    "tracking": {
      "current_release_date": "2024-11-07T14:23:01+00:00",
      "generator": {
        "date": "2024-11-07T14:23:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2024:1864",
      "initial_release_date": "2024-04-16T19:54:17+00:00",
      "revision_history": [
        {
          "date": "2024-04-16T19:54:17+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-04-16T19:54:17+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-07T14:23:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Middleware Containers for OpenShift",
                "product": {
                  "name": "Middleware Containers for OpenShift",
                  "product_id": "8Base-RHOSE-Middleware",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le",
                "product": {
                  "name": "rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le",
                  "product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf?arch=ppc64le\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-46"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
                "product": {
                  "name": "rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
                  "product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d?arch=amd64\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-46"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
                "product": {
                  "name": "rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
                  "product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0?arch=s390x\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-46"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64 as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64"
        },
        "product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x"
        },
        "product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le as a component of Middleware Containers for OpenShift",
          "product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
        },
        "product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-Middleware"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-6484",
      "cwe": {
        "id": "CWE-117",
        "name": "Improper Output Neutralization for Logs"
      },
      "discovery_date": "2023-11-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2248423"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: Log Injection during WebAuthn authentication or registration",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-6484"
        },
        {
          "category": "external",
          "summary": "RHBZ#2248423",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248423"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6484",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-6484"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6484",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6484"
        }
      ],
      "release_date": "2023-12-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-16T19:54:17+00:00",
          "details": "To update to the latest Red Hat Single Sign-On 7.6.8 for OpenShift\nimage, Follow these steps to pull in the content:\n\n1. On your main hosts, ensure you are logged into the CLI as a\ncluster administrator or user with project administrator access\nto the global \"openshift\" project. For example:\n\n$ oc login -u system:admin\n\n2. Update the core set of Red Hat Single Sign-On resources for OpenShift\nin the \"openshift\" project by running the following commands:\n\n$ for resource in sso76-image-stream.json \\\nsso76-https.json \\\nsso76-mysql.json \\\nsso76-mysql-persistent.json \\\nsso76-postgresql.json \\\nsso76-postgresql-persistent.json \\\nsso76-x509-https.json \\\nsso76-x509-mysql-persistent.json \\\nsso76-x509-postgresql-persistent.json\ndo\noc replace -n openshift --force -f \\\nhttps://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/v7.6.8.GA/templates/${resource}\ndone\n\n3. Install the Red Hat Single Sign-On 7.6.8 for OpenShift streams in the\n\"openshift\" project by running the following commands:\n\n$ oc -n openshift import-image redhat-sso76-openshift:1.0",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1864"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "keycloak: Log Injection during WebAuthn authentication or registration"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Bastian Kanbach"
          ],
          "organization": "Secure Systems DE [bastian.kanbach@securesystems.de]"
        }
      ],
      "cve": "CVE-2023-6544",
      "cwe": {
        "id": "CWE-625",
        "name": "Permissive Regular Expression"
      },
      "discovery_date": "2023-12-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2253116"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: Authorization Bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Due to the high complexity of this attack, Red Hat considers this a Moderate impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-6544"
        },
        {
          "category": "external",
          "summary": "RHBZ#2253116",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253116"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6544",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-6544"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6544",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6544"
        }
      ],
      "release_date": "2024-04-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-16T19:54:17+00:00",
          "details": "To update to the latest Red Hat Single Sign-On 7.6.8 for OpenShift\nimage, Follow these steps to pull in the content:\n\n1. On your main hosts, ensure you are logged into the CLI as a\ncluster administrator or user with project administrator access\nto the global \"openshift\" project. For example:\n\n$ oc login -u system:admin\n\n2. Update the core set of Red Hat Single Sign-On resources for OpenShift\nin the \"openshift\" project by running the following commands:\n\n$ for resource in sso76-image-stream.json \\\nsso76-https.json \\\nsso76-mysql.json \\\nsso76-mysql-persistent.json \\\nsso76-postgresql.json \\\nsso76-postgresql-persistent.json \\\nsso76-x509-https.json \\\nsso76-x509-mysql-persistent.json \\\nsso76-x509-postgresql-persistent.json\ndo\noc replace -n openshift --force -f \\\nhttps://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/v7.6.8.GA/templates/${resource}\ndone\n\n3. Install the Red Hat Single Sign-On 7.6.8 for OpenShift streams in the\n\"openshift\" project by running the following commands:\n\n$ oc -n openshift import-image redhat-sso76-openshift:1.0",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1864"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available for this flaw.",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "keycloak: Authorization Bypass"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Axel Flamcourt"
          ]
        }
      ],
      "cve": "CVE-2024-1132",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-01-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2262117"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: path transversal in redirection validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution, but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason, Quarkus is marked as having a Low impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1132"
        },
        {
          "category": "external",
          "summary": "RHBZ#2262117",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262117"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1132",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1132"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1132",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1132"
        }
      ],
      "release_date": "2024-04-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-16T19:54:17+00:00",
          "details": "To update to the latest Red Hat Single Sign-On 7.6.8 for OpenShift\nimage, Follow these steps to pull in the content:\n\n1. On your main hosts, ensure you are logged into the CLI as a\ncluster administrator or user with project administrator access\nto the global \"openshift\" project. For example:\n\n$ oc login -u system:admin\n\n2. Update the core set of Red Hat Single Sign-On resources for OpenShift\nin the \"openshift\" project by running the following commands:\n\n$ for resource in sso76-image-stream.json \\\nsso76-https.json \\\nsso76-mysql.json \\\nsso76-mysql-persistent.json \\\nsso76-postgresql.json \\\nsso76-postgresql-persistent.json \\\nsso76-x509-https.json \\\nsso76-x509-mysql-persistent.json \\\nsso76-x509-postgresql-persistent.json\ndo\noc replace -n openshift --force -f \\\nhttps://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/v7.6.8.GA/templates/${resource}\ndone\n\n3. Install the Red Hat Single Sign-On 7.6.8 for OpenShift streams in the\n\"openshift\" project by running the following commands:\n\n$ oc -n openshift import-image redhat-sso76-openshift:1.0",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1864"
        },
        {
          "category": "workaround",
          "details": "No current mitigation is available for this vulnerability.",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "keycloak: path transversal in redirection validation"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Adriano M\u00e1rcio Monteiro"
          ]
        }
      ],
      "cve": "CVE-2024-1249",
      "cwe": {
        "id": "CWE-346",
        "name": "Origin Validation Error"
      },
      "discovery_date": "2024-02-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2262918"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Keycloak\u0027s OIDC component in the \"checkLoginIframe,\" which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application\u0027s availability without proper origin validation for incoming messages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in Keycloak\u0027s OIDC component allowing unvalidated cross-origin messages in the \"checkLoginIframe\" function represents an important severity issue due to its potential to cause significant disruption and resource exhaustion. Exploitation of this flaw can lead to a Denial of Service (DoS) condition, where malicious actors can overwhelm the server with a high volume of requests, impacting availability for legitimate users. The absence of proper origin validation means attackers can exploit this weakness relatively easily, leveraging automated scripts to flood the server within seconds.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1249"
        },
        {
          "category": "external",
          "summary": "RHBZ#2262918",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262918"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1249",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1249"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1249",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1249"
        }
      ],
      "release_date": "2024-04-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-16T19:54:17+00:00",
          "details": "To update to the latest Red Hat Single Sign-On 7.6.8 for OpenShift\nimage, Follow these steps to pull in the content:\n\n1. On your main hosts, ensure you are logged into the CLI as a\ncluster administrator or user with project administrator access\nto the global \"openshift\" project. For example:\n\n$ oc login -u system:admin\n\n2. Update the core set of Red Hat Single Sign-On resources for OpenShift\nin the \"openshift\" project by running the following commands:\n\n$ for resource in sso76-image-stream.json \\\nsso76-https.json \\\nsso76-mysql.json \\\nsso76-mysql-persistent.json \\\nsso76-postgresql.json \\\nsso76-postgresql-persistent.json \\\nsso76-x509-https.json \\\nsso76-x509-mysql-persistent.json \\\nsso76-x509-postgresql-persistent.json\ndo\noc replace -n openshift --force -f \\\nhttps://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/v7.6.8.GA/templates/${resource}\ndone\n\n3. Install the Red Hat Single Sign-On 7.6.8 for OpenShift streams in the\n\"openshift\" project by running the following commands:\n\n$ oc -n openshift import-image redhat-sso76-openshift:1.0",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1864"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS"
    },
    {
      "cve": "CVE-2024-1635",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-02-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2264928"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. \r\n\r\nAt HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is rated as Important due to the fact that this might be an unauthenticated remote issue exploited by a malicious user, causing a denial of service (DoS) to the affected server.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
          "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1635"
        },
        {
          "category": "external",
          "summary": "RHBZ#2264928",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1635",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1635"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635"
        }
      ],
      "release_date": "2023-10-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-16T19:54:17+00:00",
          "details": "To update to the latest Red Hat Single Sign-On 7.6.8 for OpenShift\nimage, Follow these steps to pull in the content:\n\n1. On your main hosts, ensure you are logged into the CLI as a\ncluster administrator or user with project administrator access\nto the global \"openshift\" project. For example:\n\n$ oc login -u system:admin\n\n2. Update the core set of Red Hat Single Sign-On resources for OpenShift\nin the \"openshift\" project by running the following commands:\n\n$ for resource in sso76-image-stream.json \\\nsso76-https.json \\\nsso76-mysql.json \\\nsso76-mysql-persistent.json \\\nsso76-postgresql.json \\\nsso76-postgresql-persistent.json \\\nsso76-x509-https.json \\\nsso76-x509-mysql-persistent.json \\\nsso76-x509-postgresql-persistent.json\ndo\noc replace -n openshift --force -f \\\nhttps://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/v7.6.8.GA/templates/${resource}\ndone\n\n3. Install the Red Hat Single Sign-On 7.6.8 for OpenShift streams in the\n\"openshift\" project by running the following commands:\n\n$ oc -n openshift import-image redhat-sso76-openshift:1.0",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1864"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available for this vulnerability. However, there might be some protections, such as request limits by a load balancer in front of JBoss EAP/Wildfly or even Undertow, that could minimize the impact.",
          "product_ids": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x",
            "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.