Tanner Emek

**Name of the Vulnerable Software and Affected Versions** Keycloak versions prior to 24.0.0 **Description** A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks. Over 760K services are found to be potentially affected. **Recommendations** For versions prior to 24.0.0, upgrade to 24.0.0 or later to secure your data. As a temporary workaround, consider restricting access to the SAML authentication module until a patch is available. Avoid using the vulnerable SAML signature validation process in the Keycloak XMLSignatureUtil class until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Jenkins Blue Ocean Plugin versions 1.25.3 and earlier **Description** A cross-site request forgery (CSRF) issue allows attackers to connect to an attacker-specified HTTP server. The vulnerability can be exploited by making the victim's browser send an unintended request to the affected HTTP endpoints. In the fixed version, Blue Ocean Plugin 1.25.4, the vulnerability is mitigated by requiring POST requests and the appropriate permissions for the affected endpoints. **Recommendations** For Jenkins Blue Ocean Plugin versions 1.25.3 and earlier, update to version 1.25.4 or later, which requires POST requests and the appropriate permissions for the affected HTTP endpoints, thus mitigating the CSRF issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 64.0.3282.119 **Description** The issue is related to a lack of support for a non-standard no-referrer policy value in Blink, which allowed a remote attacker to obtain referrer details from a web page that had opted out of sending referrer data. This could potentially reveal detailed information about links from a web page. **Recommendations** For Google Chrome versions prior to 64.0.3282.119, update to version 64.0.3282.119 or later to resolve the issue.