GHSA-vvf8-2h68-9475
REJECTED
CVSS 6.8 MEDIUM
Duplicate Advisory: Keycloak Open Redirect vulnerability
Risk Scores
CVSS v3.1
6.8
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Maven | org.keycloak:keycloak-services | 0, 0, 0 |
Timeline
- Sep 19, 2024 CVE Published
- Dec 20, 2024 CVE Updated
- Mar 2, 2026 Distribution Patch
References
- https://nvd.nist.gov/vuln/detail/CVE-2024-8883 advisory
- https://github.com/keycloak/keycloak/releases/tag/25.0.6 url
- https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java url
- https://github.com/keycloak/keycloak package
- https://bugzilla.redhat.com/show_bug.cgi?id=2312511 url
- https://access.redhat.com/security/cve/CVE-2024-8883 url
- https://access.redhat.com/errata/RHSA-2024:8826 url
- https://access.redhat.com/errata/RHSA-2024:8824 url
- https://access.redhat.com/errata/RHSA-2024:8823 url
- https://access.redhat.com/errata/RHSA-2024:6890 url
- https://access.redhat.com/errata/RHSA-2024:6889 url
- https://access.redhat.com/errata/RHSA-2024:6888 url
- https://access.redhat.com/errata/RHSA-2024:6887 url
- https://access.redhat.com/errata/RHSA-2024:6886 url
- https://access.redhat.com/errata/RHSA-2024:6882 url
- https://access.redhat.com/errata/RHSA-2024:6880 url
- https://access.redhat.com/errata/RHSA-2024:6879 url
- https://access.redhat.com/errata/RHSA-2024:6878 url
- https://access.redhat.com/errata/RHSA-2024:10386 url
- https://access.redhat.com/errata/RHSA-2024:10385 url