Headline
GHSA-4xx7-2cx3-x473: Keycloak SAML signature validation flaw
A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.
Keycloak SAML signature validation flaw
High severity GitHub Reviewed Published Sep 19, 2024 to the GitHub Advisory Database • Updated Sep 19, 2024
Related news
Red Hat Security Advisory 2024-6890-03 - New Red Hat build of Keycloak 24.0.8 packages with security impact Important are available from the Customer Portal. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6889-03 - New images with security impact Important are available for Red Hat build of Keycloak 24.0.8 and Red Hat build of Keycloak 24.0.8 Operator, running on OpenShift Container Platform. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6888-03 - New Red Hat build of Keycloak 22.0.13 packages with security impact Important are available from the Customer Portal. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6887-03 - New images with security impact Important are available for Red Hat build of Keycloak 22.0.13 and Red Hat build of Keycloak 22.0.13 Operator, running on OpenShift Container Platform. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6886-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6882-03 - A new image is available for Red Hat Single Sign-On 7.6.11, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6880-03 - New Red Hat Single Sign-On 7.6.11 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6879-03 - New Red Hat Single Sign-On 7.6.11 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-6878-03 - New Red Hat Single Sign-On 7.6.11 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include a privilege escalation vulnerability.