Back to bug 1999196

Who	When	What	Removed	Added
Michael Kaplan	2021-08-30 17:08:03 UTC	CC		security-response-team
Michael Kaplan	2021-08-30 17:08:41 UTC	Blocks		1998585
Michael Kaplan	2021-08-31 13:25:22 UTC	Alias		CVE-2021-3754
		Summary	EMBARGOED keycloak: allows using email as username	EMBARGOED CVE-2021-3754 keycloak: allows using email as username
Michael Kaplan	2021-08-31 13:28:44 UTC	Blocks		1999637
Hardik Vyas	2021-09-09 04:10:41 UTC	Doc Text		Test
Paramvir jindal	2021-09-09 05:12:36 UTC	Doc Text	Test	A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. This may cause trouble in getting password recovery email in case the user forgets the password.
Red Hat Bugzilla	2021-12-31 23:34:19 UTC	CC	almorale
Red Hat Bugzilla	2022-04-19 04:39:04 UTC	CC	ggaughan
Red Hat Bugzilla	2022-06-30 23:46:53 UTC	Deadline		2022-05-30
		Priority	medium	low
		Severity	medium	low
		CC	aileenc, gmalinko, janstey, pantinor, pdelbell	boliveir, emingora, pskopek, rguimara
		Summary	EMBARGOED CVE-2021-3754 keycloak: allows using email as username	CVE-2021-3754 keycloak: allows using email as username
		Group	security, qe_staff
		Deadline	2022-05-30
		CC	bibryam
Red Hat Bugzilla	2022-07-31 22:42:22 UTC	CC	tzimanyi
Red Hat Bugzilla	2022-08-12 04:38:14 UTC	CC	etirelli
Red Hat Bugzilla	2022-08-31 22:23:10 UTC	CC	mszynkie
Red Hat Bugzilla	2022-10-28 13:13:07 UTC	CC	krathod
Red Hat Bugzilla	2022-11-14 23:22:50 UTC	CC	jstastny
Red Hat Bugzilla	2022-12-31 23:43:20 UTC	CC	aboyko
Red Hat Bugzilla	2023-05-15 18:03:55 UTC	CC	rrajasek
Red Hat Bugzilla	2023-05-15 18:09:26 UTC	CC	drieden
Red Hat Bugzilla	2023-07-07 08:29:40 UTC	CC	security-response-team
		Assignee	security-response-team	nobody

Back to bug 1999196