Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.keycloak/keycloak-services@24.0.6
Type maven
Namespace org.keycloak
Name keycloak-services
Version 24.0.6
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-ezqk-pyhr-5ffj
vulnerability_id VCID-ezqk-pyhr-5ffj
summary
Keycloak has session fixation in Elytron SAML adapters
A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authentication to trigger session fixation.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:6493
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6493
1
reference_url https://access.redhat.com/errata/RHSA-2024:6494
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6494
2
reference_url https://access.redhat.com/errata/RHSA-2024:6495
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6495
3
reference_url https://access.redhat.com/errata/RHSA-2024:6497
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6497
4
reference_url https://access.redhat.com/errata/RHSA-2024:6499
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6499
5
reference_url https://access.redhat.com/errata/RHSA-2024:6500
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6500
6
reference_url https://access.redhat.com/errata/RHSA-2024:6501
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6501
7
reference_url https://access.redhat.com/errata/RHSA-2024:6502
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6502
8
reference_url https://access.redhat.com/errata/RHSA-2024:6503
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/errata/RHSA-2024:6503
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7341.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7341.json
10
reference_url https://access.redhat.com/security/cve/CVE-2024-7341
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://access.redhat.com/security/cve/CVE-2024-7341
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-7341
reference_id
reference_type
scores
0
value 0.01738
scoring_system epss
scoring_elements 0.82525
published_at 2026-04-18T12:55:00Z
1
value 0.01738
scoring_system epss
scoring_elements 0.8243
published_at 2026-04-02T12:55:00Z
2
value 0.01738
scoring_system epss
scoring_elements 0.82448
published_at 2026-04-04T12:55:00Z
3
value 0.01738
scoring_system epss
scoring_elements 0.82444
published_at 2026-04-07T12:55:00Z
4
value 0.01738
scoring_system epss
scoring_elements 0.82471
published_at 2026-04-08T12:55:00Z
5
value 0.01738
scoring_system epss
scoring_elements 0.82478
published_at 2026-04-09T12:55:00Z
6
value 0.01738
scoring_system epss
scoring_elements 0.82496
published_at 2026-04-11T12:55:00Z
7
value 0.01738
scoring_system epss
scoring_elements 0.82492
published_at 2026-04-12T12:55:00Z
8
value 0.01738
scoring_system epss
scoring_elements 0.82487
published_at 2026-04-13T12:55:00Z
9
value 0.01738
scoring_system epss
scoring_elements 0.82524
published_at 2026-04-16T12:55:00Z
10
value 0.02246
scoring_system epss
scoring_elements 0.84623
published_at 2026-04-24T12:55:00Z
11
value 0.02246
scoring_system epss
scoring_elements 0.84596
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-7341
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2302064
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2302064
13
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
14
reference_url https://github.com/keycloak/keycloak/commit/2341d6ee7a3567c58fd6a04a419fe4403e13374c
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/2341d6ee7a3567c58fd6a04a419fe4403e13374c
15
reference_url https://github.com/keycloak/keycloak/commit/5b3de0c7e7f367103affe2f5167913a2ce021cf1
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/5b3de0c7e7f367103affe2f5167913a2ce021cf1
16
reference_url https://github.com/keycloak/keycloak/commit/5e06da2f6794c695051605e26a01affa3a18f66b
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/5e06da2f6794c695051605e26a01affa3a18f66b
17
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-5rxp-2rhr-qwqv
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-5rxp-2rhr-qwqv
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-7341
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-7341
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22
reference_id cpe:/a:redhat:build_keycloak:22
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9
reference_id cpe:/a:redhat:build_keycloak:22::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24
reference_id cpe:/a:redhat:build_keycloak:24
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24::el9
reference_id cpe:/a:redhat:build_keycloak:24::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24::el9
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
29
reference_url https://github.com/advisories/GHSA-5rxp-2rhr-qwqv
reference_id GHSA-5rxp-2rhr-qwqv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5rxp-2rhr-qwqv
30
reference_url https://github.com/advisories/GHSA-j76j-rqwj-jmvv
reference_id GHSA-j76j-rqwj-jmvv
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T19:59:06Z/
url https://github.com/advisories/GHSA-j76j-rqwj-jmvv
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-services@24.0.7
purl pkg:maven/org.keycloak/keycloak-services@24.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6ku-ys87-cqh4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-services@24.0.7
1
url pkg:maven/org.keycloak/keycloak-services@25.0.5
purl pkg:maven/org.keycloak/keycloak-services@25.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dgp-xdrz-q7dv
1
vulnerability VCID-5f8r-n4mm-y3g6
2
vulnerability VCID-5vwq-aqk5-nkh9
3
vulnerability VCID-5zh4-963a-q3gp
4
vulnerability VCID-6hy1-r23s-cbhy
5
vulnerability VCID-7c1j-kcbb-v3f1
6
vulnerability VCID-bhrr-nn9f-7udu
7
vulnerability VCID-by72-dvnw-m3gu
8
vulnerability VCID-cdsa-wmby-ebbq
9
vulnerability VCID-d2rd-6u56-yfd8
10
vulnerability VCID-d6ku-ys87-cqh4
11
vulnerability VCID-e4ub-v4ef-affb
12
vulnerability VCID-gnxr-2t9g-4ye4
13
vulnerability VCID-gzz6-md9v-b3em
14
vulnerability VCID-m3uj-4mag-kbf2
15
vulnerability VCID-mku9-3bpp-aqbk
16
vulnerability VCID-nxhc-rp71-hbdk
17
vulnerability VCID-pjgz-fa5h-tkfh
18
vulnerability VCID-qgbq-s33g-d7af
19
vulnerability VCID-uuf2-u7xh-uuef
20
vulnerability VCID-ver5-9t6m-c3ef
21
vulnerability VCID-vstv-ec14-quc5
22
vulnerability VCID-w5f1-xryr-fucq
23
vulnerability VCID-x4aw-v76q-vbdc
24
vulnerability VCID-xd7x-aevv-cfcp
25
vulnerability VCID-xfnw-15sz-zyfr
26
vulnerability VCID-y1h3-yyn9-53fr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-services@25.0.5
aliases CVE-2024-7341, GHSA-5rxp-2rhr-qwqv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezqk-pyhr-5ffj
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-services@24.0.6