6.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-10270

GHSA ID

GHSA-wq8x-cg39-8mrr

EPSS Score

0.32298%

CWE

CWE-1333

Published

11/25/2024

Updated

12/18/2024

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-10270

CVE-2024-10270: org.keycloak:keycloak-services has Inefficient Regular Expression Complexity

A vulnerability was found in the Keycloak-services package. If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) scenario by exhausting system resources due to a Regex complexity.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-10270

CVE-2024-10270:

6.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-10270

GHSA ID

GHSA-wq8x-cg39-8mrr

EPSS Score

0.32298%

CWE

CWE-1333

Published

11/25/2024

Updated

12/18/2024

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.keycloak:keycloak-services	maven	< 24.0.9	24.0.9
org.keycloak:keycloak-services	maven	>= 25.0.0, < 26.0.6	26.0.6

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The commit diff shows the removal of regex-based parsing (queryPattern and escapedCharsPattern) in SearchQueryUtils.java, replaced with manual character iteration. The added ReDoS test in SearchQueryUtilsTest.java confirms the vulnerability stemmed from regex inefficiency. The getFields() method directly processed untrusted input with these regex patterns, making it the primary vulnerable function. The unescape() method, while less critical, was part of the vulnerable parsing logic and was also removed in the patch.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

6.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-10270: org.keycloak:keycloak-services has Inefficient Regular Expression Complexity

CVE-2024-10270:

6.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2024-10270: org.keycloak:keycloak-services has Inefficient Regular Expression Complexity

6.5

6.5

Basic Information

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI