Все бюллетени/sisyphus/ALT-PU-2026-4164-6
ALT-PU-2026-4164-6

Обновление пакета keycloak в ветке sisyphus

Версия26.5.5-alt1
Задание#410169
Опубликовано2026-03-19
Макс. серьёзностьHIGH
Серьёзность:

Закрытые проблемы (8)

CVE-2026-2092
HIGH7.7

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.

Опубликовано: 2026-03-18Изменено: 2026-03-18
CVSS 3.xВЫСОКАЯ 7.7
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
Ссылки
CVE-2026-2603
HIGH8.1

A flaw was found in Keycloak. A remote attacker could bypass security controls by sending a valid SAML response from an external Identity Provider (IdP) to the Keycloak SAML endpoint for IdP-initiated broker logins. This allows the attacker to complete broker logins even when the SAML Identity Provider is disabled, leading to unauthorized authentication.

Опубликовано: 2026-03-18Изменено: 2026-03-18
CVSS 3.xВЫСОКАЯ 8.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Ссылки
CVE-2026-3009
HIGH8.1

A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity Provider (IdP) even after it has been disabled by an administrator. An attacker who knows the IdP alias can reuse a previously generated login request to bypass the administrative restriction. This undermines access control enforcement and may allow unauthorized authentication through a disabled external provider.

Опубликовано: 2026-03-05Изменено: 2026-03-24
CVSS 3.xВЫСОКАЯ 8.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Ссылки
CVE-2026-3047
HIGH8.8

A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language (SAML) client is configured as an Identity Provider (IdP)-initiated broker landing target, it can still complete the login process and establish a Single Sign-On (SSO) session. This allows a remote attacker to gain unauthorized access to other enabled clients without re-authentication, effectively bypassing security restrictions.

Опубликовано: 2026-03-05Изменено: 2026-03-26
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ссылки
GHSA-8cr3-vpxx-92cx
HIGH8.8

Keycloak SAML Broken has Authentication Bypass by Primary Weakness

Опубликовано: 2026-03-06Изменено: 2026-03-07
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ссылки
GHSA-m297-3jv9-m927
HIGH8.1

Keycloak allows authentication using an Identity Provider (IdP) even after it has been disabled by an administrator

Опубликовано: 2026-03-06Изменено: 2026-03-07
CVSS 3.xВЫСОКАЯ 8.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Ссылки
GHSA-wmxr-6j5f-838p
HIGH7.7

Keycloak: Unauthorized access via improper validation of encrypted SAML assertions

Опубликовано: 2026-03-18Изменено: 2026-04-08
CVSS 3.xВЫСОКАЯ 7.7
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
Ссылки
GHSA-x4p7-7chp-64hq
HIGH8.1

Keycloak: Unauthorized authentication via disabled SAML Identity Provider

Опубликовано: 2026-03-18Изменено: 2026-04-16
CVSS 3.xВЫСОКАЯ 8.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Ссылки