PingFederate Server

PingFederate 11.0.10 - April 2024

Rest datastore security vulnerability

Security PF-34720

Fixed a JSON injection vulnerability in REST datastores described in security advisory SECADV044.

Runtime nodes security vulnerability

Security PF-34896

Fixed a path traversal vulnerability in Runtime nodes described in security advisory SECADV044.

OpenID Connect policy management editor security vulnerability

Security PF-35081

Fixed a Cross-Site Scripting vulnerability in the OpenID Connect Policy Management Editor described in security advisory SECADV044.

Slow log consumption affects performance

Fixed PF-33368

Fixed a defect that caused performance issues for PingFederate when third-party logging services were slow to consume logging events.