Bug 2138971 (CVE-2022-3782) - CVE-2022-3782 keycloak: path traversal via double URL encoding
Summary: CVE-2022-3782 keycloak: path traversal via double URL encoding
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-3782
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2138952
TreeView+ depends on / blocked
 
Reported: 2022-10-31 19:55 UTC by Chess Hazlett
Modified: 2024-02-06 04:25 UTC (History)
72 users (show)

Fixed In Version: keycloak 20.0.2
Clone Of:
Environment:
Last Closed: 2022-12-14 09:48:44 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:8961 0 None None None 2022-12-13 14:00:26 UTC
Red Hat Product Errata RHSA-2022:8962 0 None None None 2022-12-13 14:00:43 UTC
Red Hat Product Errata RHSA-2022:8963 0 None None None 2022-12-13 14:00:56 UTC
Red Hat Product Errata RHSA-2022:8964 0 None None None 2022-12-13 15:30:32 UTC
Red Hat Product Errata RHSA-2022:8965 0 None None None 2022-12-13 14:05:08 UTC
Red Hat Product Errata RHSA-2023:1043 0 None None None 2023-03-01 21:43:37 UTC
Red Hat Product Errata RHSA-2023:1044 0 None None None 2023-03-01 21:46:03 UTC
Red Hat Product Errata RHSA-2023:1045 0 None None None 2023-03-01 21:48:32 UTC
Red Hat Product Errata RHSA-2023:1047 0 None None None 2023-03-01 21:51:18 UTC
Red Hat Product Errata RHSA-2023:1049 0 None None None 2023-03-01 21:59:34 UTC
Red Hat Product Errata RHSA-2023:1285 0 None None None 2023-03-16 07:57:11 UTC
Red Hat Product Errata RHSA-2023:1661 0 None None None 2023-04-05 13:35:15 UTC
Red Hat Product Errata RHSA-2023:2041 0 None None None 2023-04-27 00:48:54 UTC
Red Hat Product Errata RHSA-2023:2135 0 None None None 2023-05-04 15:57:21 UTC
Red Hat Product Errata RHSA-2023:3185 0 None None None 2023-05-17 13:58:58 UTC
Red Hat Product Errata RHSA-2023:3815 0 None None None 2023-06-27 11:29:04 UTC

Description Chess Hazlett 2022-10-31 19:55:33 UTC 
Keycloak does not properly validate URLs included in a redirect. An attacker could construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain, or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.
Comment 6 errata-xmlrpc 2022-12-13 14:00:24 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 7

Via RHSA-2022:8961 https://access.redhat.com/errata/RHSA-2022:8961
Comment 7 errata-xmlrpc 2022-12-13 14:00:42 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 8

Via RHSA-2022:8962 https://access.redhat.com/errata/RHSA-2022:8962
Comment 8 errata-xmlrpc 2022-12-13 14:00:54 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 9

Via RHSA-2022:8963 https://access.redhat.com/errata/RHSA-2022:8963
Comment 9 errata-xmlrpc 2022-12-13 14:05:07 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6.1

Via RHSA-2022:8965 https://access.redhat.com/errata/RHSA-2022:8965
Comment 10 errata-xmlrpc 2022-12-13 15:30:30 UTC 
This issue has been addressed in the following products:

  RHEL-8 based Middleware Containers

Via RHSA-2022:8964 https://access.redhat.com/errata/RHSA-2022:8964
Comment 11 Product Security DevOps Team 2022-12-14 09:48:42 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-3782
Comment 18 mposolda 2023-02-13 14:06:40 UTC 
@ggrzybek AFAIK it should be RHSSO 7.6.2. This one should be released very soon (probably in February 2023). Related JIRA is https://issues.redhat.com/browse/RHSSO-2318
Comment 23 errata-xmlrpc 2023-03-01 21:43:33 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 7

Via RHSA-2023:1043 https://access.redhat.com/errata/RHSA-2023:1043
Comment 24 errata-xmlrpc 2023-03-01 21:45:59 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 8

Via RHSA-2023:1044 https://access.redhat.com/errata/RHSA-2023:1044
Comment 25 errata-xmlrpc 2023-03-01 21:48:28 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 9

Via RHSA-2023:1045 https://access.redhat.com/errata/RHSA-2023:1045
Comment 26 errata-xmlrpc 2023-03-01 21:51:14 UTC 
This issue has been addressed in the following products:

  RHEL-8 based Middleware Containers

Via RHSA-2023:1047 https://access.redhat.com/errata/RHSA-2023:1047
Comment 27 errata-xmlrpc 2023-03-01 21:59:30 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On

Via RHSA-2023:1049 https://access.redhat.com/errata/RHSA-2023:1049
Comment 28 errata-xmlrpc 2023-03-16 07:57:09 UTC 
This issue has been addressed in the following products:

  Migration Toolkit for Runtimes 1 on RHEL 8

Via RHSA-2023:1285 https://access.redhat.com/errata/RHSA-2023:1285
Comment 29 errata-xmlrpc 2023-04-05 13:35:12 UTC 
This issue has been addressed in the following products:

  AMQ Broker 7.11.0

Via RHSA-2023:1661 https://access.redhat.com/errata/RHSA-2023:1661
Comment 30 errata-xmlrpc 2023-04-27 00:48:51 UTC 
This issue has been addressed in the following products:

  MTA-6.1-RHEL-8

Via RHSA-2023:2041 https://access.redhat.com/errata/RHSA-2023:2041
Comment 31 errata-xmlrpc 2023-05-04 15:57:17 UTC 
This issue has been addressed in the following products:

  Red Hat Process Automation

Via RHSA-2023:2135 https://access.redhat.com/errata/RHSA-2023:2135
Comment 32 errata-xmlrpc 2023-05-17 13:58:54 UTC 
This issue has been addressed in the following products:

  AMQ Broker 7.10.3

Via RHSA-2023:3185 https://access.redhat.com/errata/RHSA-2023:3185
Comment 35 errata-xmlrpc 2023-06-27 11:29:00 UTC 
This issue has been addressed in the following products:

  RHINT Service Registry 2.4.3 GA

Via RHSA-2023:3815 https://access.redhat.com/errata/RHSA-2023:3815
Note You need to log in before you can comment on or make changes to this bug.