
85 matches found

Veracode
added 2025/05/08 10:5 a.m., 11 views

Improper Redirect URI Validation

@cloudflare/workers-oauth-provider is vulnerable to improper redirect URI validation. The vulnerability is due to missing validation of the redirect_uri during the authorization step, allowing attackers to intercept authorization codes by supplying unapproved redirect URIs...

CVSS 6.1, AI score 6.6, EPSS 0.00268
Exploits 0, References 3, Affected Software 1
RedHat Linux
added 2024/11/26 3:37 p.m., 4 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
RedHat Linux
added 2024/11/04 8:56 p.m., 3 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
RedHat Linux
added 2024/11/04 8:13 p.m., 12 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
RedHat Linux
added 2024/11/04 8:13 p.m., 4 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
OSV
added 2024/10/14 8:55 p.m., 4 views

GHSA-W8GR-XWP4-R9F7 Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.9, EPSS 0.01959
Exploits 0, References 21
Github Security Blog
added 2024/10/14 8:55 p.m., 93 views

Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 6.2, EPSS 0.01959
Exploits 0, References 21, Affected Software 1
OSV
added 2024/09/19 6:30 p.m., 2 views

GHSA-VVF8-2H68-9475 Duplicate Advisory: Keycloak Open Redirect vulnerability

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-w8gr-xwp4-r9f7. This link is maintained to preserve external references. Original Description: A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL...

CVSS 7.7, AI score 5.8, EPSS 0.01959
Exploits 0, References 20
Github Security Blog
added 2024/09/19 6:30 p.m., 48 views

Duplicate Advisory: Keycloak Open Redirect vulnerability

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-w8gr-xwp4-r9f7. This link is maintained to preserve external references. Original Description: A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL...

CVSS 6.1, AI score 6.7, EPSS 0.01959
Exploits 0, References 20, Affected Software 1
RedHat Linux
added 2024/09/19 5:6 p.m., 6 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
RedHat Linux
added 2024/09/19 4:54 p.m., 3 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
RedHat Linux
added 2024/09/19 4:43 p.m., 7 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
RedHat Linux
added 2024/09/19 4:43 p.m., 12 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
RedHat Linux
added 2024/09/19 4:43 p.m., 3 views

Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.8, EPSS 0.01959
Exploits 0, References 5
NVD
added 2024/09/19 4:15 p.m., 31 views

CVE-2024-8883

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, EPSS 0.01959
Exploits 0, References 17
OSV
added 2024/09/19 4:15 p.m., 1 views

CVE-2024-8883

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.5, EPSS 0.01959
Exploits 0, References 17
ATTACKERKB
added 2024/09/19 4:15 p.m., 2 views

CVE-2024-8883

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 5.9, EPSS 0.01959
Exploits 0, References 19, Affected Software 11
RedhatCVE
added 2024/09/19 3:45 p.m., 28 views

CVE-2024-8883

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

CVSS 6.1, AI score 6, EPSS 0.01959
Exploits 0, References 4
CNNVD
added 2024/09/19 12:0 a.m., 6 views

Red Hat Keycloak Input Validation Error Vulnerability

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An input validation error vulnerability exists in Red Hat Keycloak versions prior to 25.0.6, which stems from a configuration error that allows...

CVSS 6.1, AI score 4.2, EPSS 0.01959
Exploits 0, References 13
Positive Technologies
added 2024/09/19 12:0 a.m., 3 views

PT-2024-39298 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak, affected versions not specified. Description: A misconfiguration flaw was found in Keycloak, allowing an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1. This...

CVSS 7.7, AI score 6.5, EPSS 0.01959
Exploits 0, References 30