Due to a permissive regular expression hardcoded for filtering allowed hosts to register a dynamic client, a malicious user with enough information about the environment could benefit and jeopardize an environment with this specific Dynamic Client Registration with TrustedDomain configuration previously unauthorized.
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 7 Via RHSA-2024:1860 https://access.redhat.com/errata/RHSA-2024:1860
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 8 Via RHSA-2024:1861 https://access.redhat.com/errata/RHSA-2024:1861
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 9 Via RHSA-2024:1862 https://access.redhat.com/errata/RHSA-2024:1862
This issue has been addressed in the following products: RHEL-8 based Middleware Containers Via RHSA-2024:1864 https://access.redhat.com/errata/RHSA-2024:1864
This issue has been addressed in the following products: RHSSO 7.6.8 Via RHSA-2024:1866 https://access.redhat.com/errata/RHSA-2024:1866
This issue has been addressed in the following products: Red Hat build of Keycloak 22.0.10 Via RHSA-2024:1868 https://access.redhat.com/errata/RHSA-2024:1868
This issue has been addressed in the following products: Red Hat build of Keycloak 22 Via RHSA-2024:1867 https://access.redhat.com/errata/RHSA-2024:1867