rhsa-2024_3576
Vulnerability from csaf_redhat
Published
2024-06-03 21:28
Modified
2024-09-18 08:47
Summary
Red Hat Security Advisory: Red Hat build of Keycloak 24.0.5 Images enhancement and security update
Notes
Topic
New images are available for Red Hat build of Keycloak 24.0.5 and Red Hat build of Keycloak 24.0.5 Operator, running on OpenShift Container Platform
Red Hat Product Security has rated this update as having a security impact of
Low. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services.
Red Hat build of Keycloak Operator for OpenShift simplifies deployment and management of Keycloak 24.0.5 clusters.
This erratum releases new images for Red Hat build of Keycloak 24.0.5 for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.
Security Fix(es):
* exposure of sensitive information in Pushed Authorization Requests (PAR)
KC_RESTART cookie (CVE-2024-4540)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New images are available for Red Hat build of Keycloak 24.0.5 and Red Hat build of Keycloak 24.0.5 Operator, running on OpenShift Container Platform\n\nRed Hat Product Security has rated this update as having a security impact of\nLow. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services.\nRed Hat build of Keycloak Operator for OpenShift simplifies deployment and management of Keycloak 24.0.5 clusters.\nThis erratum releases new images for Red Hat build of Keycloak 24.0.5 for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.\n\nSecurity Fix(es):\n* exposure of sensitive information in Pushed Authorization Requests (PAR)\nKC_RESTART cookie (CVE-2024-4540)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:3576",
"url": "https://access.redhat.com/errata/RHSA-2024:3576"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "2279303",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279303"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_3576.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Keycloak 24.0.5 Images enhancement and security update",
"tracking": {
"current_release_date": "2024-09-18T08:47:28+00:00",
"generator": {
"date": "2024-09-18T08:47:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:3576",
"initial_release_date": "2024-06-03T21:28:42+00:00",
"revision_history": [
{
"date": "2024-06-03T21:28:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-06-03T21:28:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T08:47:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Keycloak 24",
"product": {
"name": "Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:build_keycloak:24::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Keycloak"
},
{
"branches": [
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64",
"product": {
"name": "rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64",
"product_id": "rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9?arch=amd64\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9\u0026tag=24-10"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"product": {
"name": "rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"product_id": "rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03?arch=amd64\u0026repository_url=registry.redhat.io/rhbk/keycloak-operator-bundle\u0026tag=24.0.5-2"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"product": {
"name": "rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"product_id": "rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a?arch=amd64\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9-operator\u0026tag=24-10"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"product": {
"name": "rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"product_id": "rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45?arch=s390x\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9\u0026tag=24-10"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"product": {
"name": "rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"product_id": "rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c?arch=s390x\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9-operator\u0026tag=24-10"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"product": {
"name": "rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"product_id": "rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271?arch=ppc64le\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9\u0026tag=24-10"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"product": {
"name": "rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"product_id": "rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9-operator\u0026tag=24-10"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64 as a component of Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24:rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64"
},
"product_reference": "rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"relates_to_product_reference": "9Base-RHBK-24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le as a component of Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le"
},
"product_reference": "rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"relates_to_product_reference": "9Base-RHBK-24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64 as a component of Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64"
},
"product_reference": "rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"relates_to_product_reference": "9Base-RHBK-24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x as a component of Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x"
},
"product_reference": "rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"relates_to_product_reference": "9Base-RHBK-24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x as a component of Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x"
},
"product_reference": "rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"relates_to_product_reference": "9Base-RHBK-24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le as a component of Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le"
},
"product_reference": "rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"relates_to_product_reference": "9Base-RHBK-24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64 as a component of Red Hat build of Keycloak 24",
"product_id": "9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64"
},
"product_reference": "rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64",
"relates_to_product_reference": "9Base-RHBK-24"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Manuel Schallar"
]
}
],
"cve": "CVE-2024-4540",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-05-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279303"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server\u0027s HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: exposure of sensitive information in Pushed Authorization Requests (PAR) KC_RESTART cookie",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHBK-24:rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4540"
},
{
"category": "external",
"summary": "RHBZ#2279303",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279303"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4540"
}
],
"release_date": "2024-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.",
"product_ids": [
"9Base-RHBK-24:rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3576"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHBK-24:rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHBK-24:rhbk/keycloak-operator-bundle@sha256:106f2b57139af7135a83d41a1a0c8cf82d7f35ecb539e7d578759ac180ae1f03_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:57d9fabf4ef5677450af0e834b5d96694803a055514e262f4173118d7bc186f5_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:85207f0d7f58bdf0e5b12b5b1a6332ef733d6febd9c9c9d3a357d10265ffcc0a_amd64",
"9Base-RHBK-24:rhbk/keycloak-rhel9-operator@sha256:852808bb948ab47f547d3863f96d165fc38393c6011f5968d66bf14500533a5c_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:22f396e6089ca6dde477768d6db93601400bca856ef8e40172386a28d27a6d45_s390x",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:27d19c61a24ea38dfb537f89f9b459a1be957554985b489b5387c9d61fb3b271_ppc64le",
"9Base-RHBK-24:rhbk/keycloak-rhel9@sha256:cecd857e6417f83d07682b27b6e2c59af661e52ff7d56ee01c84792982472ba9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: exposure of sensitive information in Pushed Authorization Requests (PAR) KC_RESTART cookie"
}
]
}
Loading...