​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-h6xj-ppgf-v3m9

Published

Last updated

https://images.chainguard.dev/security/CGA-h6xj-ppgf-v3m9
Package

keycloak-fips

Latest Update
Fixed
Fixed Version

26.0.6-r0

Aliases
  • CVE-2024-10270
  • GHSA-wq8x-cg39-8mrr

Severity

6.5

Medium

CVSS V3

Summary

org.keycloak:keycloak-services has Inefficient Regular Expression Complexity

Description

A vulnerability was found in the Keycloak-services package. If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) scenario by exhausting system resources due to a Regex complexity.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation