
Threats Tagged 'cve-2026-6860'

View all threats tagged with 'cve-2026-6860'. Filter and sort to focus on specific types of threats.



Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2.SP1 security update (tagged CVE-2026-6860)

This release of Red Hat build of Quarkus 3.33.2.SP1 includes the following CVE fixes:

* quarkus-vertx-http: Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities [quarkus-3.33] (CVE-2026-50559)
* vertx-core: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name [quarkus-3.33] (CVE-2026-6860)
* netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation [quarkus-3.33] (CVE-2026-44249)
* netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message [quarkus-3.33] (CVE-2026-44893)
* netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak [quarkus-3.33] (CVE-2026-48043)
* netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers [quarkus-3.33] (CVE-2026-48059)
* netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records [quarkus-3.33] (CVE-2026-47691)
* netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass [quarkus-3.33] (CVE-2026-50010)
* netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder [quarkus-3.33] (CVE-2026-50020)
* netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation [quarkus-3.33] (CVE-2026-45674)
* netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake [quarkus-3.33] (CVE-2026-45416)
* netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling [quarkus-3.33] (CVE-2026-50560)
* netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams [quarkus-3.33] (CVE-2026-47244)
* netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs [quarkus-3.33] (CVE-2026-45673)

For more information, see the release notes page listed in the References section.
Red Hat Security Advisory: Red Hat build of Keycloak 26.6.4 Security Update (tagged CVE-2026-6860)

Red Hat build of Keycloak 26.6.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.

Security fixes:

* Information disclosure via CORS header injection due to unvalidated JWT azp claim (CVE-2026-37977)
* Server-Side Request Forgery via OIDC token endpoint manipulation (CVE-2026-4874)
* eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name (CVE-2026-6860)
* Improper Access Control on Keycloak Server when the account Account API feature is disabled (CVE-2026-7500)
* Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation (CVE-2026-8830)
* Security flaw in org.keycloak/keycloak-services (CVE-2026-8922)
* Information disclosure through arbitrary filesystem path probing (CVE-2026-9083)
* Cross-site scripting (XSS) via case-insensitive URI validation bypass (CVE-2026-9086)
* Cross-Session Email Verification Proof Not Bound to Upstream Identity in First-Broker-Login (CVE-2026-9087)
* Information disclosure due to user profile permission bypass (CVE-2026-9088)
* Group-Admin Escalation to Realm-Admin (CVE-2026-9099)
* Privilege escalation due to oversized subject_token JWT (CVE-2026-9704)
* Attacker can re-enable and take over disabled clients via Registration Access Token (CVE-2026-9705)
* Organization Data Leak After Feature Disabled in Keycloak (CVE-2026-9791)
* Security restriction bypass allows unauthorized ROPC token acquisition (CVE-2026-9792)
* Information disclosure via SAML ECP endpoint (CVE-2026-9794)
* Privilege escalation via improper scope mapping enforcement (CVE-2026-9795)
* Unauthorized access to resources via UMA permission ticket bypass (CVE-2026-9799)
* Authorization bypass via incorrect URI comparison (CVE-2026-9800)
* Denial of Service via malformed LDAP password policy response (CVE-2026-9801)
* Unauthorized account access via replayed refresh tokens after cluster restart (CVE-2026-9802)
* Denial of Service via malformed Authorization header (CVE-2026-9803)
