- Issued: 2025-07-23
- Updated: 2025-07-23
RHSA-2025:11638 - Security Advisory
Synopsis
Moderate: Red Hat Single Sign-On 7.6.12 security update on RHEL 7
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 7.6.12 packages are now available for Red Hat Enterprise Linux 7.
Description
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.12 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.11, and includes bug fixes and enhancements which are documented in the Release Notes document linked to in the References. This security update has moderate impact.
Security fixes:
- org.wildfly.core/wildfly-core-management-client: Wildfly vulnerable to Cross-Site Scripting (XSS) (CVE-2024-10234)
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Single Sign-On 7.6 for RHEL 7 x86_64
Fixes
- BZ - 2320848 - CVE-2024-10234 wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)
CVEs
Red Hat Single Sign-On 7.6 for RHEL 7
| Package | Checksum |
|---|---|
| SRPM | |
| rh-sso7-keycloak-18.0.19-1.redhat_00002.1.el7sso.src.rpm | SHA-256: bb4cd87e2ca49f45ee3d8cccb058be3ab99d35912a01b5a0b957f5b2bc01886f |
| x86_64 | |
| rh-sso7-keycloak-18.0.19-1.redhat_00002.1.el7sso.noarch.rpm | SHA-256: 35b5935aa0f118a2d4d73b8ae212bc0a82111aa5eb5d748b8e59731a3f77b255 |
| rh-sso7-keycloak-server-18.0.19-1.redhat_00002.1.el7sso.noarch.rpm | SHA-256: 74563f267453e58b7334ff3713635dee20aadf8febf251adef602efb9c61cb58 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.