RHSA-2022:0152

Description

Red Hat Security Advisory: Red Hat Single Sign-On 7.5.1 security update on RHEL 8

CVSS Metrics

• v3.1•HIGH•Score: 8.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

Affected Systems

• redhat•rh-sso7-keycloak

  < 0:15.0.4-1.redhat_00001.1.el8sso

• redhat•rh-sso7-keycloak-server

  < 0:15.0.4-1.redhat_00001.1.el8sso

References (25)

• https://access.redhat.com/errata/RHSA-2022:0152
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.5/
• https://bugzilla.redhat.com/show_bug.cgi?id=1935927
• https://bugzilla.redhat.com/show_bug.cgi?id=2007512
• https://bugzilla.redhat.com/show_bug.cgi?id=2011190
• https://bugzilla.redhat.com/show_bug.cgi?id=2033602
• https://issues.redhat.com/browse/CIAM-1615
• https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0152.json
• https://access.redhat.com/security/cve/CVE-2021-3827
• https://www.cve.org/CVERecord?id=CVE-2021-3827
• https://nvd.nist.gov/vuln/detail/CVE-2021-3827
• https://github.com/keycloak/keycloak/security/advisories/GHSA-4pc7-vqv5-5r3v
• https://access.redhat.com/security/cve/CVE-2021-4133
• https://www.cve.org/CVERecord?id=CVE-2021-4133
• https://nvd.nist.gov/vuln/detail/CVE-2021-4133
• https://github.com/keycloak/keycloak/issues/9247
• https://github.com/keycloak/keycloak/security/advisories/GHSA-83x4-9cwr-5487
• https://access.redhat.com/security/cve/CVE-2021-20289
• https://www.cve.org/CVERecord?id=CVE-2021-20289
• https://nvd.nist.gov/vuln/detail/CVE-2021-20289
• https://access.redhat.com/security/cve/CVE-2021-40690
• https://www.cve.org/CVERecord?id=CVE-2021-40690
• https://nvd.nist.gov/vuln/detail/CVE-2021-40690
• https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E