CVE-2024-12369 | Red Hat Keycloak/JBoss Enterprise Application Platform wildfly-elytron-oidc-client-subsystem code injection

Posted by Angelo Barbosa | Dec 9, 2024 | CVE

A vulnerability has been found in Red Hat Keycloak and JBoss Enterprise Application Platform and classified as critical. This vulnerability affects unknown code of the component wildfly-elytron-oidc-client-subsystem. The manipulation leads to code injection.

This vulnerability was named CVE-2024-12369. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-12369 | Red Hat Keycloak/JBoss Enterprise Application Platform wildfly-elytron-oidc-client-subsystem code injection

Related Posts

CVE-2024-44160 | Apple macOS up to 13.6/14.6 Texture buffer overflow

CVE-2024-5421 | SEH Computertechnik utnserver Pro/utnserver ProMAX/INU-100 up to 20.1.22 Web Interface os command injection

CVE-2024-26708 | Linux Kernel up to 6.6.17/6.7.5 mptcp subflow_state_change race condition (4bfe217e075d/e158fb9679d1/337cebbd850f)

CVE-2024-7065 | Spina CMS up to 2.18.0 /admin/pages/ cross-site request forgery