GHSA-3p75-q5cc-qmj7: Duplicate Advisory: Keycloak Open Redirect vulnerability
Basic Information
CVSS Score: 4.6 (CVSS v3.1)
CVE ID: -
GHSA ID: GHSA-3p75-q5cc-qmj7
EPSS Score: -
CWE: -
Published: 12/19/2023
Updated: 12/23/2024
KEV Status: No
Technology: Java
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.keycloak:keycloak-parent | maven | <= 23.0.3 | - |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The defect is improper redirect URI validation when the authorization response is returned in the JARM 'form_post.jwt' response mode. Two components are implicated: AuthorizationEndpoint, the primary handler for OIDC authorization requests and the place where the response is assembled, and JARMUtil, which carries the JARM-specific logic for producing the response JWT. The likely failure is that AuthorizationEndpoint does not enforce strict redirect URI matching for clients whose registered redirect URIs contain wildcards when the response mode is form_post.jwt, so an attacker-chosen redirect target is accepted; JARMUtil may then embed that unvalidated URI in the signed response JWT. Confidence is high for AuthorizationEndpoint because of its central role in response handling, and medium for JARMUtil as secondary processing logic. Note that this is an automated root-cause estimate, not the maintainers' own description of the fix.
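The check at issue, as an added illustration that is not Keycloak's code and does not reproduce the JARM-specific defect: a generic OAuth redirect_uri validator in Python, showing why a glob applied to the whole URI string accepts attacker-controlled hosts, beside a stricter version that compares scheme, host and port exactly and honours a trailing wildcard only within the path. The registered URIs (REGISTERED) and the requested URIs are constructed examples; the second registered entry is a hypothetical misconfiguration with the wildcard directly after the host. Whatever the response mode (query, fragment, form_post, or JARM's form_post.jwt), the URI the authorization endpoint posts or redirects to must pass this kind of check before the response is built.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Constructed client registration (not a real Keycloak client): one exact
# redirect URI and one wildcard pattern placed directly after the host.
REGISTERED = [
    "https://app.example.com/callback",
    "https://app.example.com*",
]


def naive_match(registered, requested):
    """Loose check: a plain glob over the whole URI string.

    The trailing '*' in 'https://app.example.com*' happily swallows a
    different host ('app.example.com.attacker.test') or a userinfo trick
    ('app.example.com@attacker.test'), which is exactly the open-redirect
    class of bug.
    """
    return any(fnmatchcase(requested, pat) for pat in registered)


def strict_match(registered, requested):
    """Hardened check: scheme, host and port must match a registered entry
    exactly; a trailing '*' is honoured only as a path prefix, never as part
    of the authority. Returns True when the requested URI is acceptable.
    """
    req = urlsplit(requested)
    if req.scheme not in ("https", "http") or not req.netloc:
        return False
    # userinfo and backslashes are classic authority-confusion tricks
    if req.username or req.password or "\\" in requested:
        return False
    if req.fragment:
        return False

    for pat in registered:
        p = urlsplit(pat)
        # Authority must match exactly; a pattern whose host itself contains
        # the wildcard ('app.example.com*') will never equal a real host, so
        # such a misconfigured entry is simply never honoured.
        if (p.scheme, p.hostname, p.port) != (req.scheme, req.hostname, req.port):
            continue
        if pat.endswith("*"):
            prefix = p.path[:-1]          # path up to the wildcard
            if not prefix.startswith("/"):
                continue                  # wildcard not at path level: ignore
            if req.path.startswith(prefix):
                return True
        elif req.path == p.path and req.query == p.query:
            return True
    return False
```

The difference the two functions make on the same inputs is the whole point: the loose glob accepts `https://app.example.com.attacker.test/cb` and `https://app.example.com@attacker.test/cb`, the strict version rejects both while still accepting the registered callback and path-level wildcards such as `https://app.example.com/*`.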