logo

Database

Server-side request forgery (SSRF) In org.keycloak:keycloak-services

Description

Keycloak: Redirect URI validation bypass via ..;/ path traversal in OIDC auth endpoint A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers (URIs) that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information disclosure.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2026-38722. NVD-2026-38723. OSV-2026-38724. GCVE-2026-38725. access.redhat.com6. access.redhat.com7. access.redhat.com8. access.redhat.com9. ACCESS-CVE-2026-3872

References

1. https://github.com/keycloak/keycloak/issues/477182. https://github.com/keycloak/keycloak/commit/35a71b00bc856ac402711130f60190d3a24795e73. https://bugzilla.redhat.com/show_bug.cgi?id=2445988

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.