CVE-2021-3461 - log back

CVE-2021-3461 edited at 25 May 2021 22:38:32
References
https://bugzilla.redhat.com/show_bug.cgi?id=1941565
https://issues.redhat.com/browse/KEYCLOAK-17495
+ https://github.com/keycloak/keycloak/commit/f014299e7c781dff2b492b81bc81adcf717bd530
CVE-2021-3461 edited at 23 Mar 2021 11:11:23
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Incorrect calculation
Description
+ Keycloak may fail to logout a user session if the logout request comes from an external SAML identity provider that is set up to identify the principal via attributes rather than by Subject Name ID.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1941565
+ https://issues.redhat.com/browse/KEYCLOAK-17495
CVE-2021-3461 created at 23 Mar 2021 11:06:38
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes