Keycloak version 12.0.1 suffers from a blind server-side request forgery vulnerability.
91d0674796fa0b8c038987358fb23505d23cafcdda7b498527d3b65fad366018
Red Hat Security Advisory 2021-0327-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include memory leak and server-side request forgery vulnerabilities.
8f81203dda62d0a7764d4abbc2827cd3c4b8751aed3447f09505b8eb649e2c3d
Red Hat Security Advisory 2021-0319-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.
a55e3e9a66cbc84f03b7bf037fc55dbda7bb8359e914f763ad35ec34d385730f
Red Hat Security Advisory 2021-0320-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.
ff69e46c55c8c3332d31e76b072d88def9eef6f7c5c3f9f2b75024200000211a
Red Hat Security Advisory 2021-0318-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.
687bba15490d210774d47fc4cf86121dd1f3bc5b9e6caef56043b3e963e43244