Security
Headlines

Headlines Latest CVEs

Headline

GHSA-9vm7-v8wj-3fqw: keycloak-core: open redirect via "form_post.jwt" JARM response mode

An incomplete fix was found in Keycloak Core patch. An attacker can steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt". It is observed that changing the response_mode parameter in the original proof of concept from “form_post” to “form_post.jwt” can bypass the security patch implemented to address CVE-2023-6134.

10 months ago

#git #java #auth #maven

GitHub Advisory Database
GitHub Reviewed
GHSA-9vm7-v8wj-3fqw

keycloak-core: open redirect via “form_post.jwt” JARM response mode

Moderate severity GitHub Reviewed Published Jan 22, 2024 in keycloak/keycloak

Package

maven org.keycloak:keycloak-core (Maven)

Affected versions

< 23.0.4

An incomplete fix was found in Keycloak Core patch. An attacker can steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt". It is observed that changing the response_mode parameter in the original proof of concept from “form_post” to “form_post.jwt” can bypass the security patch implemented to address CVE-2023-6134.

References

GHSA-9vm7-v8wj-3fqw

Published to the GitHub Advisory Database

Jan 23, 2024

ghsa: Latest News

GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails

4 hours ago

GHSA-jwcm-9g39-pmcw: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts

4 hours ago

GHSA-55v3-xh23-96gh: `auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace

4 hours ago

GHSA-j6vm-4r7g-x4gr: Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications

7 hours ago

GHSA-6q3q-6v5j-h6vg: Querydsl vulnerable to HQL injection trough orderBy

7 hours ago