RHSA-2020:5625MediumCVSS 8.8

Red Hat Security Advisory: Red Hat Single Sign-On 7.4.0 security update

Published
December 17, 2020
Last Modified
June 26, 2026

🔗 CVE IDs covered (8)

📋 Description

CVE-2020-1698 — keycloak: Password leak by logged exception in HttpMethod class CVE-2020-1727 — keycloak: missing input validation in IDP authorization URLs CVE-2020-10968 — jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider CVE-2020-11111 — jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory CVE-2020-11112 — jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider CVE-2020-11113 — jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime CVE-2020-11619 — jackson-databind: Serialization gadgets in org.springframework:spring-aop CVE-2020-11620 — jackson-databind: Serialization gadgets in commons-jelly:commons-jelly

🔗 References (11)