Search for packages
| purl | pkg:maven/org.wildfly.security/wildfly-elytron-realm-token@2.4.0.Final |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9p6a-t8zz-jkfd | WildFly Elytron: SSRF security issue A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability. |
CVE-2024-1233
GHSA-v4mm-q8fv-r2w5 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T22:55:19.772471+00:00 | GitLab Importer | Fixing | VCID-9p6a-t8zz-jkfd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.security/wildfly-elytron-realm-token/CVE-2024-1233.yml | 38.4.0 |
| 2026-04-12T00:13:53.289431+00:00 | GitLab Importer | Fixing | VCID-9p6a-t8zz-jkfd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.security/wildfly-elytron-realm-token/CVE-2024-1233.yml | 38.3.0 |
| 2026-04-03T00:20:12.153244+00:00 | GitLab Importer | Fixing | VCID-9p6a-t8zz-jkfd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.security/wildfly-elytron-realm-token/CVE-2024-1233.yml | 38.1.0 |