Keycloak 11 is vulnerable to CVE-2018-5382 because of its dependency on: org.bouncycastle bcprov-ext-jdk15on
To remediate the vulnerability one must disable the use of BKS-1 (legacy signature format).
Please confirm if Keycloak 11 uses BKS-1.
Keycloak 11 is vulnerable to CVE-2018-5382 because of its dependency on: org.bouncycastle bcprov-ext-jdk15on
To remediate the vulnerability one must disable the use of BKS-1 (legacy signature format).
Please confirm if Keycloak 11 uses BKS-1.
Hi all,
I have the same question. Can anyone help with this or is there any link with more information about this problem available?
Thanks!
Can anybody help with this problem?