Lucene search
GoogleOSV:GHSA-MRV8-PQFJ-7GP5HistoryApr 17, 2024 - 5:31 p.m.
Keycloak path traversal vulnerability in the redirect validation
2024-04-1717:31:12
Google
osv.dev
18
keycloak
path traversal
vulnerability
redirect validation
bypass
allowed hosts
software
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
6.8
Confidence
High
EPSS
0
Percentile
15.5%
An issue was found in the redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts.
Related
veracode
veracode
Path Traversal
2024-04-18 05:23:34
cgr
cgr
CVE-2024-2419 vulnerabilities
2024-05-19 03:07:16
osv
osv
CGA-4mpx-5vpw-hg98
2024-06-06 12:22:39
CGA-xgmg-8pmw-q287
2024-06-06 12:26:35
github
github
Keycloak path traversal vulnerability in the redirect validation
2024-04-17 17:31:12
wolfi
wolfi
CVE-2024-2419 vulnerabilities
2024-09-16 09:11:42
cve
cve
CVE-2024-2419
2024-04-17 14:15:08
redhatcve
redhatcve
CVE-2024-2419
2024-04-17 13:02:42
cvelist
cvelist
CVE-2024-2419 Keycloak: path traversal in the redirect validation
2024-04-17 13:23:34
nvd
nvd
CVE-2024-2419
2024-04-17 14:15:08
vulnrichment
vulnrichment
CVE-2024-2419 Keycloak: path traversal in the redirect validation
2024-04-17 13:23:34
ibm
ibm
redhat
redhat
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
6.8
Confidence
High
EPSS
0
Percentile
15.5%
Related for OSV:GHSA-MRV8-PQFJ-7GP5