{"id":"RHSA-2023:1043","summary":"Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7","modified":"2026-04-02T10:03:09Z","published":"2024-09-30T16:32:34Z","upstream":["CVE-2018-14040","CVE-2018-14042","CVE-2019-11358","CVE-2020-11022","CVE-2020-11023","CVE-2021-35065","CVE-2021-44906","CVE-2022-1274","CVE-2022-1438","CVE-2022-1471","CVE-2022-24785","CVE-2022-25857","CVE-2022-2764","CVE-2022-31129","CVE-2022-37603","CVE-2022-38749","CVE-2022-38750","CVE-2022-38751","CVE-2022-3916","CVE-2022-40149","CVE-2022-40150","CVE-2022-4137","CVE-2022-42003","CVE-2022-42004","CVE-2022-45047","CVE-2022-45693","CVE-2022-46175","CVE-2022-46363","CVE-2022-46364","CVE-2023-0091","CVE-2023-0264"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:1043"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601614"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601617"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701972"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2031904"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066009"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2072009"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2073157"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105075"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2117506"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2126789"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129706"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129707"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129709"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135244"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135247"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135770"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135771"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138971"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140597"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141404"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2145194"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2148496"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2150009"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2155681"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2155682"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2155970"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156263"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156324"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2158585"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160585"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1043.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-14040"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-14040"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14040"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-14042"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-14042"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14042"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11358"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11358"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11358"},{"type":"ARTICLE","url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"},{"type":"ARTICLE","url":"https://www.drupal.org/sa-core-2019-006"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11022"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11022"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11023"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11023"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023"},{"type":"ARTICLE","url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-35065"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-35065"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-35065"},{"type":"ARTICLE","url":"https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-44906"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-44906"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44906"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-xvch-5gv4-984h"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-1274"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-1274"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1274"},{"type":"ARTICLE","url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-1438"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-1438"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1438"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-1471"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-1471"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1471"},{"type":"ARTICLE","url":"https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-2764"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-2764"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2764"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-3916"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-3916"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3916"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-4137"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-4137"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4137"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-24785"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-24785"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24785"},{"type":"ARTICLE","url":"https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-25857"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-25857"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25857"},{"type":"ARTICLE","url":"https://bitbucket.org/snakeyaml/snakeyaml/issues/525"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-31129"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-31129"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31129"},{"type":"ARTICLE","url":"https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-37603"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-37603"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37603"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-38749"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-38749"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38749"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-38750"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-38750"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38750"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-38751"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-38751"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38751"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-40149"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-40149"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40149"},{"type":"ARTICLE","url":"https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-40150"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-40150"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40150"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-42003"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-42003"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42003"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-42004"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-42004"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42004"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-45047"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-45047"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-45047"},{"type":"ARTICLE","url":"https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-45693"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-45693"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-45693"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-46175"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-46175"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-46175"},{"type":"ARTICLE","url":"https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-46363"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-46363"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-46363"},{"type":"ARTICLE","url":"https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-46364"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-46364"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-46364"},{"type":"ARTICLE","url":"https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-0091"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2023-0091"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0091"},{"type":"ARTICLE","url":"https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"},{"type":"ARTICLE","url":"https://github.com/keycloak/security/issues/27"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-0264"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2023-0264"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0264"}],"affected":[{"package":{"name":"rh-sso7-keycloak","ecosystem":"Red Hat:red_hat_single_sign_on:7.6::el7","purl":"pkg:rpm/redhat/rh-sso7-keycloak"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.0.6-1.redhat_00001.1.el7sso"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:1043.json"}},{"package":{"name":"rh-sso7-keycloak-server","ecosystem":"Red Hat:red_hat_single_sign_on:7.6::el7","purl":"pkg:rpm/redhat/rh-sso7-keycloak-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.0.6-1.redhat_00001.1.el7sso"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:1043.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}