High severity · NVD Advisory · Published Nov 30, 2018 · Updated Aug 5, 2024
CVE-2018-14637
Description
The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.keycloak:keycloak-core (Maven) | < 4.6.0 | 4.6.0 |
References
- github.com/advisories/GHSA-gf2j-7qwg-4f5x (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2018-14637 (ghsa, ADVISORY)
- bugzilla.redhat.com/show_bug.cgi (mitre, x_refsource_CONFIRM)