Описание
Keycloak insufficient session expiration
A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].
Пакеты
Наименование
org.keycloak:keycloak-parent
maven
Затронутые версииВерсия исправления
< 14.0.0
14.0.0
Связанные уязвимости
CVSS3: 7.1
redhat
почти 5 лет назад
A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].
CVSS3: 7.1
nvd
почти 4 года назад
A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].
CVSS3: 7.1
debian
почти 4 года назад
A flaw was found in keycloak where keycloak may fail to logout user se ...