Source | ID | Title |
---|---|---|
 | EUVD-2023-3249 | A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users. |
 | GHSA-mpwq-j3xf-7m5w | The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted |
Solution
No solution given by the vendor.
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Wed, 13 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | ssvc |

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-10-09T11:52:01.061Z
Reserved: 2023-11-24T18:16:45.923Z
Link: CVE-2023-6291

Updated: 2024-08-02T08:28:21.867Z

Status : Modified
Published: 2024-01-26T15:15:08.280
Modified: 2024-11-21T08:43:32.587
Link: CVE-2023-6291

