GHSA-j3px-q95c-9683: zlib-rs stack overflow during decompression with malicious input

GHSA-p2h2-3vg9-4p87: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

GHSA-hff8-hjwv-j9q7: Remote Code Execution on click of <a> Link in markdown preview

GHSA-rp9h-rf7g-hwgr: s2n-tls has undefined behavior at process exit

GHSA-4277-m35q-7c9w: Salt preflight script could be attacker controlled

In any realm set with "User (Self) registration" a user that is registered with a username in email format can be "locked out" (denied from logging in) using his username.

**Keycloak Denial of Service via account lockout**

Low severity GitHub Reviewed Published Jun 12, 2024 in keycloak/keycloak • Updated Jun 12, 2024

Headline

GHSA-cq42-vhv7-xr7p: Keycloak Denial of Service via account lockout

ghsa: Latest News