Lucene search
+L

7 matches found

vulnersosv
vulnersosv
added 2024/04/17 5:31 p.m.5 views

com.charlyghislain.keycloak:keycloak-importexport (=21.0.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +79 more potentially affected by CVE-2024-2419 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=22.0.1)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.0.1, =1.3.2, =1.3.6 - io.github.jeff-tian:keycloak-phone-provider =2.3.10 and more Source cves: CVE-2024-2419 Source advisor...

7.1CVSS7AI score0.00495EPSS
Exploits0
cgr
cgr
added 2024/04/17 2:15 p.m.41 views

CVE-2024-2419 vulnerabilities

Vulnerabilities for packages: keycloak-fips, keycloak...

7.1CVSS7AI score0.00495EPSS
Exploits0
wolfi
wolfi
added 2024/04/17 2:15 p.m.39 views

CVE-2024-2419 vulnerabilities

Vulnerabilities for packages: keycloak...

7.1CVSS7.2AI score0.00495EPSS
Exploits0
nvd
nvd
added 2024/04/17 2:15 p.m.38 views

CVE-2024-2419

A flaw was found in Keycloak's redirecturi validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291...

7.1CVSS6.7AI score0.00495EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/04/17 1:23 p.m.72 views

CVE-2024-2419 Keycloak: path traversal in the redirect validation

A flaw was found in Keycloak's redirecturi validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291...

7.1CVSS6.9AI score0.00495EPSS
Exploits0References3
cvelist
cvelist
added 2024/04/17 1:23 p.m.44 views

CVE-2024-2419 Keycloak: path traversal in the redirect validation

A flaw was found in Keycloak's redirecturi validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291...

7.1CVSS6.9AI score0.00495EPSS
Exploits0References3
redhatcve
redhatcve
added 2024/04/17 1:2 p.m.67 views

CVE-2024-2419

A flaw was found in Keycloak's redirecturi validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291...

7.1CVSS6.7AI score0.0095EPSS
Exploits0References3
Rows per page
Query Builder