CVE-2021-3461 log

Severity Low
Remote Yes
Type Incorrect calculation
Keycloak may fail to logout a user session if the logout request comes from an external SAML identity provider that is set up to identify the principal via attributes rather than by Subject Name ID.
Group Package Affected Fixed Severity Status Ticket
AVG-1994 keycloak 13.0.0-1 13.0.1-1 Low Fixed
Date Advisory Group Package Severity Type
01 Jun 2021 ASA-202106-19 AVG-1994 keycloak Low incorrect calculation