Bugzilla 2010164: CVE-2021-3856 keycloak-services: ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader
CWE-552: Files or Directories Accessible to External Parties
FAQ: Frequently asked questions about CVE-2021-3856