Description
A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions.
Remediation
References
https://access.redhat.com/errata/RHSA-2024:0094
https://access.redhat.com/errata/RHSA-2024:0095
https://access.redhat.com/errata/RHSA-2024:0096
https://access.redhat.com/security/cve/CVE-2022-2232
https://bugzilla.redhat.com/show_bug.cgi?id=2096994
Related Vulnerabilities
CVE-2019-16762 Vulnerability in npm package slpjs
CVE-2014-7839 Vulnerability in maven package org.jboss.resteasy:resteasy-jaxrs
CVE-2021-21388 Vulnerability in npm package systeminformation
CVE-2016-4431 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2017-8046 Vulnerability in maven package org.springframework.boot:spring-boot-starter-data-rest