Description
A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1941565
Related Vulnerabilities
CVE-2022-41401 Vulnerability in maven package org.openrefine:main
CVE-2021-3637 Vulnerability in maven package org.keycloak:keycloak-model-infinispan
CVE-2022-0436 Vulnerability in npm package grunt
CVE-2021-23926 Vulnerability in maven package org.apache.xmlbeans:xmlbeans
CVE-2022-35204 Vulnerability in maven package org.webjars.npm:vite