VulnerableCode Package Details - pkg:maven/org.keycloak/keycloak-services@22.0.12

Search for packages

Vulnerability	Summary	Fixed by
VCID-az5g-yu3m-g3c1 Aliases: CVE-2024-8883 GHSA-w8gr-xwp4-r9f7	Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.	22.0.13 Affected by 0 other vulnerabilities. 24.0.8 Affected by 0 other vulnerabilities. 25.0.6 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-az5g-yu3m-g3c1
Aliases:
CVE-2024-8883
GHSA-w8gr-xwp4-r9f7

Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.

22.0.13
Affected by 0 other vulnerabilities.

24.0.8
Affected by 0 other vulnerabilities.

25.0.6
Affected by 9 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T11:18:56.021903+00:00	GitLab Importer	Fixing	VCID-tawq-333x-b3e2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2024-7341.yml	37.0.0
2025-08-01T11:18:55.442667+00:00	GitLab Importer	Fixing	VCID-tawq-333x-b3e2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-5rxp-2rhr-qwqv.yml	37.0.0
2025-08-01T11:18:42.011450+00:00	GitLab Importer	Fixing	VCID-smva-uwpy-bud2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2024-4629.yml	37.0.0
2025-08-01T11:18:37.909565+00:00	GitLab Importer	Fixing	VCID-eqzy-cka8-eub3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-j76j-rqwj-jmvv.yml	37.0.0
2025-07-31T12:39:08.015875+00:00	GHSA Importer	Fixing	VCID-tawq-333x-b3e2	https://github.com/advisories/GHSA-5rxp-2rhr-qwqv	37.0.0
2025-07-31T12:39:07.829007+00:00	GHSA Importer	Affected by	VCID-az5g-yu3m-g3c1	https://github.com/advisories/GHSA-w8gr-xwp4-r9f7	37.0.0
2025-07-31T12:38:50.632306+00:00	GHSA Importer	Fixing	VCID-smva-uwpy-bud2	https://github.com/advisories/GHSA-gc7q-jgjv-vjr2	37.0.0
2025-07-31T12:38:45.643073+00:00	GHSA Importer	Fixing	VCID-eqzy-cka8-eub3	https://github.com/advisories/GHSA-j76j-rqwj-jmvv	37.0.0
2025-07-31T08:31:07.014581+00:00	GithubOSV Importer	Fixing	VCID-eqzy-cka8-eub3	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/09/GHSA-j76j-rqwj-jmvv/GHSA-j76j-rqwj-jmvv.json	37.0.0
2025-07-31T08:30:47.295771+00:00	GithubOSV Importer	Fixing	VCID-smva-uwpy-bud2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/09/GHSA-gc7q-jgjv-vjr2/GHSA-gc7q-jgjv-vjr2.json	37.0.0
2025-07-31T08:29:39.813486+00:00	GithubOSV Importer	Fixing	VCID-tawq-333x-b3e2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-5rxp-2rhr-qwqv/GHSA-5rxp-2rhr-qwqv.json	37.0.0