Security
Headlines
HeadlinesLatestCVEs

Tag

#maven

GHSA-72vp-xfrc-42xm: Keycloak path transversal vulnerability in redirection validation

A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field. #### Acknowledgements: Special thanks to Axel Flamcourt for reporting this issue and helping us improve our project.

ghsa
#vulnerability#git#java#perl#maven
GHSA-m6q9-p373-g5q8: Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS

A potential security flaw in the "checkLoginIframe" which allows unvalidated cross-origin messages, enabling potential DDoS attacks. By exploiting this vulnerability, attackers could coordinate to send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages. #### Acknowledgements Special thanks to Adriano Márcio Monteiro from BRZTEC for reporting this issue and helping us improve our project.

GHSA-j628-q885-8gr5: Keycloak vulnerable to log Injection during WebAuthn authentication or registration

A flaw was found in keycloak 22.0.5. Errors in browser client during setup/auth with "Security Key login" (WebAuthn) are written into the form, send to Keycloak and logged without escaping allowing log injection. Acknowledgements: Special thanks toTheresa Henze for reporting this issue and helping us improve our security.

GHSA-46c8-635v-68r2: Keycloak Authorization Bypass vulnerability

Due to a permissive regular expression hardcoded for filtering allowed hosts to register a dynamic client, a malicious user with enough information about the environment could benefit and jeopardize an environment with this specific Dynamic Client Registration with TrustedDomain configuration previously unauthorized. #### Acknowledgements: Special thanks to Bastian Kanbach for reporting this issue and helping us improve our security.

GHSA-8rmm-gm28-pj8q: Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow

Keycloak allows arbitrary URLs as SAML Assertion Consumer Service POST Binding URL (ACS), including JavaScript URIs (javascript:). Allowing JavaScript URIs in combination with HTML forms leads to JavaScript evaluation in the context of the embedding origin on form submission. #### Acknowledgements: Special thanks to Lauritz Holtmann for reporting this issue and helping us improve our project.

GHSA-4f53-xh3v-g8x4: Keycloak secondary factor bypass in step-up authentication

Keycloak does not correctly validate its client step-up authentication. A password-authed attacker could use this flaw to register a false second auth factor, alongside the existing one, to a targeted account. The second factor then permits step-up authentication.

GHSA-mrv8-pqfj-7gp5: Keycloak path traversal vulnerability in the redirect validation

An issue was found in the redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts.

GHSA-r52h-fjm7-93j8: BlazeMeter Jenkins plugin vulnerable to Cross-Site Request Forgery

Versions of the BlazeMeter Jenkins plugin prior to 4.22 contain a flaw which results in credential enumeration.

Ubuntu Security Notice USN-6730-1

Ubuntu Security Notice 6730-1 - It was discovered that Apache Maven Shared Utils did not handle double-quoted strings properly, allowing shell injection attacks. This could allow an attacker to run arbitrary code.

XZ Utils Scare Exposes Hard Truths About Software Security

Much of the open source code embedded in enterprise software stacks comes from small, under-resourced, volunteer-run projects.