A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
mta/mta Red Hat / RHEL
Fixed in: ui-rhel9@sha256:0e0167affe099168142b9ebdce5520e972dea63ff6c7f3cda48e0bb4ae4cd0ec_amd64 RHSA-2024:3989 Fixed in: hub-rhel9@sha256:325bec37f1ab499f8ae0abb38ca3929f66a0fe63b6ebdf60a1cdc3bbd79ad25e_amd64 RHSA-2024:3989 Fixed in: operator-bundle@sha256:a13643117c2867351718a872f7f1b2350c67855ca73a727a1dc140754ffe6589_amd64 RHSA-2024:3989 Fixed in: rhel8-operator@sha256:f588b869c3f273eb20c4c80a9aa5acd4a84c56c1dd85429a39a7d2d60f28d41e_amd64 RHSA-2024:3989 Fixed in: pathfinder-rhel9@sha256:851d4890717247af6aa9b0b6da9be95fe8aeb70183834e9de15a4302c487b9f0_amd64 RHSA-2024:3989 mta/mta Rocky
Fixed in: rhel8-operator@sha256:f588b869c3f273eb20c4c80a9aa5acd4a84c56c1dd85429a39a7d2d60f28d41e_amd64 RHSA-2024:3989 Fixed in: operator-bundle@sha256:a13643117c2867351718a872f7f1b2350c67855ca73a727a1dc140754ffe6589_amd64 RHSA-2024:3989 Fixed in: pathfinder-rhel9@sha256:851d4890717247af6aa9b0b6da9be95fe8aeb70183834e9de15a4302c487b9f0_amd64 RHSA-2024:3989 Fixed in: ui-rhel9@sha256:0e0167affe099168142b9ebdce5520e972dea63ff6c7f3cda48e0bb4ae4cd0ec_amd64 RHSA-2024:3989 Fixed in: hub-rhel9@sha256:325bec37f1ab499f8ae0abb38ca3929f66a0fe63b6ebdf60a1cdc3bbd79ad25e_amd64 RHSA-2024:3989 mta/mta-windup Red Hat / RHEL
Fixed in: addon-rhel9@sha256:7884928eb3d01d4f9c8b5463ef9f6cec7d7df4d669e6d30cafe05af60202b003_amd64 RHSA-2024:3989 mta/mta-windup Rocky
Fixed in: addon-rhel9@sha256:7884928eb3d01d4f9c8b5463ef9f6cec7d7df4d669e6d30cafe05af60202b003_amd64 RHSA-2024:3989 mtr/mtr Rocky
Fixed in: rhel8-operator@sha256:0f129deb43182cb4979c40abaa5f7976531f054ef9c3ad03ebee710507744dd9_arm64 RHSA-2024:3919 Fixed in: operator-bundle@sha256:90d510486ed7e458b1eb16b5daf395c1b34bd6ddfb3333f41cb20bbc898ad36d_s390x RHSA-2024:3919 Fixed in: rhel8-operator@sha256:c7e15b0a37ac68d66e56e98c447d5166ed4dcd26a015fc85429698327b9a8ecf_s390x RHSA-2024:3919 Fixed in: operator-bundle@sha256:2c132bd429d741bcb1a36895f65dadc37450c647fc0861136710727bb69bc5d1_amd64 RHSA-2024:3919 Fixed in: rhel8-operator@sha256:8169013d1c2cac270421288b83d0f3537bcd5d1bafedb408e24ce85316a5c4c0_amd64 RHSA-2024:3919 Fixed in: operator-bundle@sha256:cde45cc88b03ad57956677aa2191fcf114c0cf4986ddded7ac4f4f0aa65c5c83_arm64 RHSA-2024:3919 Fixed in: operator-bundle@sha256:edde2c2b6191bf2b882e4ce5c97c1703dc42c2141af4476126e11f817910be0c_ppc64le RHSA-2024:3919 Fixed in: rhel8-operator@sha256:bc37d362d2ff0bad08e34aef2692e7af7b2529285822fe6262f66f1c885a56a4_ppc64le RHSA-2024:3919 mtr/mtr Red Hat / RHEL
Fixed in: operator-bundle@sha256:90d510486ed7e458b1eb16b5daf395c1b34bd6ddfb3333f41cb20bbc898ad36d_s390x RHSA-2024:3919 Fixed in: operator-bundle@sha256:2c132bd429d741bcb1a36895f65dadc37450c647fc0861136710727bb69bc5d1_amd64 RHSA-2024:3919 Fixed in: rhel8-operator@sha256:8169013d1c2cac270421288b83d0f3537bcd5d1bafedb408e24ce85316a5c4c0_amd64 RHSA-2024:3919 Fixed in: operator-bundle@sha256:cde45cc88b03ad57956677aa2191fcf114c0cf4986ddded7ac4f4f0aa65c5c83_arm64 RHSA-2024:3919 Fixed in: rhel8-operator@sha256:0f129deb43182cb4979c40abaa5f7976531f054ef9c3ad03ebee710507744dd9_arm64 RHSA-2024:3919 Fixed in: operator-bundle@sha256:edde2c2b6191bf2b882e4ce5c97c1703dc42c2141af4476126e11f817910be0c_ppc64le RHSA-2024:3919 Fixed in: rhel8-operator@sha256:bc37d362d2ff0bad08e34aef2692e7af7b2529285822fe6262f66f1c885a56a4_ppc64le RHSA-2024:3919 Fixed in: rhel8-operator@sha256:c7e15b0a37ac68d66e56e98c447d5166ed4dcd26a015fc85429698327b9a8ecf_s390x RHSA-2024:3919 mtr/mtr-web Red Hat / RHEL
Fixed in: container-rhel8@sha256:7788242640825875824a2f9565288b8284e560415c595b1503d116990018a44e_amd64 RHSA-2024:3919 Fixed in: container-rhel8@sha256:8aa060cb2b0fe2409fa8aa0030bd1841035d5e29c39fb699b68719109141f4bb_ppc64le RHSA-2024:3919 Fixed in: container-rhel8@sha256:7899a343fec790b2cdc475983f4bcb2afa5025b7a87e0752d68895b75b3c43ff_s390x RHSA-2024:3919 mtr/mtr-web Rocky
Fixed in: container-rhel8@sha256:7899a343fec790b2cdc475983f4bcb2afa5025b7a87e0752d68895b75b3c43ff_s390x RHSA-2024:3919 Fixed in: container-rhel8@sha256:7788242640825875824a2f9565288b8284e560415c595b1503d116990018a44e_amd64 RHSA-2024:3919 Fixed in: container-rhel8@sha256:8aa060cb2b0fe2409fa8aa0030bd1841035d5e29c39fb699b68719109141f4bb_ppc64le RHSA-2024:3919 mtr/mtr-web-executor Red Hat / RHEL
Fixed in: container-rhel8@sha256:b68eadce9000dd5d4bf452dccf0c6ef795aacbd47cd57a2b7bde78eb38695506_amd64 RHSA-2024:3919 Fixed in: container-rhel8@sha256:94b5ea42b3f8d462a5c4e67f73ff2981c3a5616c69d92a266d5dd2cc0f84cc77_s390x RHSA-2024:3919 Fixed in: container-rhel8@sha256:18ff92e2ec54ff45c233749f66a98f17dfcca533eda934f30c33d42aa3e8b46b_ppc64le RHSA-2024:3919 Fixed in: container-rhel8@sha256:dabf02f1c9d0d15959a7e49ba34d45e0399849207f0ce0ddead80ae44b06a608_arm64 RHSA-2024:3919 mtr/mtr-web-executor Rocky
Fixed in: container-rhel8@sha256:18ff92e2ec54ff45c233749f66a98f17dfcca533eda934f30c33d42aa3e8b46b_ppc64le RHSA-2024:3919 Fixed in: container-rhel8@sha256:b68eadce9000dd5d4bf452dccf0c6ef795aacbd47cd57a2b7bde78eb38695506_amd64 RHSA-2024:3919 Fixed in: container-rhel8@sha256:94b5ea42b3f8d462a5c4e67f73ff2981c3a5616c69d92a266d5dd2cc0f84cc77_s390x RHSA-2024:3919 Fixed in: container-rhel8@sha256:dabf02f1c9d0d15959a7e49ba34d45e0399849207f0ce0ddead80ae44b06a608_arm64 RHSA-2024:3919 rh-sso-7/sso76 Rocky
Fixed in: openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le RHSA-2024:1864 Fixed in: openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x RHSA-2024:1864 Fixed in: openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64 RHSA-2024:1864 rh-sso-7/sso76 Red Hat / RHEL
Fixed in: openshift-rhel8@sha256:1909db8bc47fdb4f6512e08fb21ec1457f64fa0abf8edf2530f5bf5a494d9b6d_amd64 RHSA-2024:1864 Fixed in: openshift-rhel8@sha256:b666f093f22ef27811114cca95c20aed890d4f3342116ab990d084cb2627d8cf_ppc64le RHSA-2024:1864 Fixed in: openshift-rhel8@sha256:1f842e8f262ece6cd98941fd29562251e19479eb4f4ba7cbd8e9a3bfa79325f0_s390x RHSA-2024:1864 rh-sso7-keycloak Red Hat / RHEL
rh-sso7-keycloak-server Red Hat / RHEL
rh-sso7-keycloak-server Rocky
rhbk/keycloak Rocky
Fixed in: rhel9-operator@sha256:06aa39709dbbd870a14be493bdd452243f700d2910072044ea0d7f8e4abe50b2_amd64 RHSA-2024:1867 Fixed in: operator-bundle@sha256:a47cee9b95ed78d7895c2582772abe3ccf239259ee3fbc2d7df8594450dc32f9_amd64 RHSA-2024:1867 Fixed in: rhel9@sha256:a462539eeff9638d642f13eb2dbc04a47cc39198a7f52d8b6eb07e1e14d783fd_amd64 RHSA-2024:1867 Fixed in: rhel9-operator@sha256:be417b344db10adf963d1f64c94e2d214e205489e03395dc508074d783e6422e_s390x RHSA-2024:1867 Fixed in: rhel9@sha256:20d135d4d422505497c9aa85afb6acb2d9378191358632700e1ce0f259507583_s390x RHSA-2024:1867 Fixed in: rhel9-operator@sha256:1f5fe6756a3767d1ca8cf3f79c9c14054012f73977602af5c1fc6c5e224fac52_ppc64le RHSA-2024:1867 Fixed in: rhel9@sha256:3787bdf294019d8a0f57f7d7e11da98522205de2625c7f287a1d00e11a5b2d83_ppc64le RHSA-2024:1867 rhbk/keycloak Red Hat / RHEL
Fixed in: rhel9-operator@sha256:06aa39709dbbd870a14be493bdd452243f700d2910072044ea0d7f8e4abe50b2_amd64 RHSA-2024:1867 Fixed in: operator-bundle@sha256:a47cee9b95ed78d7895c2582772abe3ccf239259ee3fbc2d7df8594450dc32f9_amd64 RHSA-2024:1867 Fixed in: rhel9@sha256:a462539eeff9638d642f13eb2dbc04a47cc39198a7f52d8b6eb07e1e14d783fd_amd64 RHSA-2024:1867 Fixed in: rhel9-operator@sha256:be417b344db10adf963d1f64c94e2d214e205489e03395dc508074d783e6422e_s390x RHSA-2024:1867 Fixed in: rhel9@sha256:20d135d4d422505497c9aa85afb6acb2d9378191358632700e1ce0f259507583_s390x RHSA-2024:1867 Fixed in: rhel9-operator@sha256:1f5fe6756a3767d1ca8cf3f79c9c14054012f73977602af5c1fc6c5e224fac52_ppc64le RHSA-2024:1867 Fixed in: rhel9@sha256:3787bdf294019d8a0f57f7d7e11da98522205de2625c7f287a1d00e11a5b2d83_ppc64le RHSA-2024:1867 Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Impact
Confidentiality High
Integrity High
Availability None
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1.55% probability of exploitation in 30 days
72nd percentile
Elevated risk: more likely to be exploited than 72% of all known CVEs.
Other CWE-22 (Path Traversal) vulnerabilities, ordered by exploit likelihood. View all
Embed a live status badge for CVE-2024-1132 Markdown
[](https://tridentstack.com/cve/CVE-2024-1132)HTML
<a href="https://tridentstack.com/cve/CVE-2024-1132"><img src="https://tridentstack.com/cve/badge/CVE-2024-1132.svg" alt="CVE-2024-1132"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-06-30.