High severity · 7.3 (NVD) · Advisory · Published Apr 9, 2024 · Updated Apr 15, 2026
CVE-2024-1233
Description
A flaw was found in JwtValidator.resolvePublicKey in JBoss EAP: when a token carries a `jku` header, the validator resolves it by sending an HTTP request to that URL. No whitelisting or other filtering is applied to the destination URL during this process, which may result in a server-side request forgery (SSRF) vulnerability.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.wildfly.security:wildfly-elytron-realm-token (Maven) | <= 2.4.0.CR1 | — |
Patches
aa151a00d75d Merge pull request #17812 from fjuma/WFLY-19226
1 file changed · +11 −0
docs/src/main/asciidoc/_elytron/Bearer_Token_Authorization.adoc+11 −0 modified@@ -133,6 +133,17 @@ using provided `client-ssl-context`. You can skip token signature verification b It is strongly recommended that you use signed JWTs in order to guarantee authenticity of tokens and make sure they were not tampered. +[NOTE] +==== +During JWT validation, if the `jku` header is present in a token, it must exactly match one of the values +from a configured string of allowed values or token validation will fail. The allowed `jku` values for a `token-realm` +can be specified as a space separated string using the `wildfly.elytron.jwt.allowed.jku.values.<realm-name>` system +property. + +As an example, to set the allowed `jku` values for the `JwtRealm` to `https://somehost.com` and `https://someotherhost.com`, +we'd need to set the `wildfly.elytron.jwt.allowed.jku.values.JwtRealm` system property to `"https://somehost.com https://someotherhost.com"`. +==== + [[validating-OAuth2-bearer-tokens]] == Validating OAuth2 Bearer Tokens
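Review bot: the note states that validation fails when `jku` is present and does not exactly match an allowed value, but it does not say what happens when `wildfly.elytron.jwt.allowed.jku.values.<realm-name>` is not set at all (are tokens carrying a `jku` header rejected, or is the header ignored and the remote fetch skipped?); one sentence on the default would help operators upgrading, since that is the case they hit first. The example value `"https://somehost.com https://someotherhost.com"` is shown with quotes; state whether the quotes are part of the property value or only shell quoting.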
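As an added example that is not WildFly's code, the check described in the patched documentation, modelled in Python: the token's `jku` header is compared by exact string equality against the space-separated allowed list, a token with no `jku` triggers no fetch at all, and anything else is rejected before any HTTP request is made. The property value, the tokens and all URLs below are constructed for illustration.

```python
import base64
import json


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def parse_allowed_jku(property_value: str) -> frozenset:
    """Split the space-separated system-property value into exact URL strings."""
    return frozenset(property_value.split())


def jwt_header(token: str) -> dict:
    """Decode the JOSE header (first segment) of a compact-serialized JWT."""
    return json.loads(b64url_decode(token.split(".", 1)[0]))


def resolve_jku(token: str, allowed: frozenset):
    """Decide whether a key may be fetched for this token.

    Returns None when no jku is present (nothing is fetched), the jku when it is
    in the allowed set, and raises ValueError otherwise. The comparison is exact
    string equality, so prefixes, trailing slashes and other schemes all fail."""
    jku = jwt_header(token).get("jku")
    if jku is None:
        return None
    if jku not in allowed:
        raise ValueError(f"jku {jku!r} is not an allowed key location")
    return jku


def make_token(header: dict) -> str:
    """Constructed token: header + empty payload + empty signature; only the header matters here."""
    return ".".join([b64url(json.dumps(header).encode()), b64url(b"{}"), ""])


# Constructed property value, mirroring the documented format.
ALLOWED = parse_allowed_jku("https://somehost.com https://someotherhost.com")


def check(jku):
    """Build a token with the given jku and report 'fetch:<url>', 'no-jku' or 'rejected'."""
    header = {"alg": "RS256"}
    if jku is not None:
        header["jku"] = jku
    try:
        result = resolve_jku(make_token(header), ALLOWED)
    except ValueError:
        return "rejected"
    return "no-jku" if result is None else f"fetch:{result}"


if __name__ == "__main__":
    for jku in [None, "https://somehost.com", "https://somehost.com/",
                "https://somehost.com.attacker.invalid", "http://internal-service.invalid/jwks"]:
        print(jku, "->", check(jku))
```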
References
- github.com/advisories/GHSA-v4mm-q8fv-r2w5 (ADVISORY, source: nvd)
- nvd.nist.gov/vuln/detail/CVE-2024-1233 (ADVISORY, source: ghsa)
- access.redhat.com/errata/RHSA-2024:3559 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2024:3560 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2024:3561 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2024:3563 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2024:3580 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2024:3581 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2024:3583 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2025:9582 (WEB, source: nvd)
- access.redhat.com/errata/RHSA-2025:9583 (WEB, source: nvd)
- access.redhat.com/security/cve/CVE-2024-1233 (WEB, source: nvd)
- bugzilla.redhat.com/show_bug.cgi (WEB, source: nvd)
- github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62 (WEB, source: ghsa)
- github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523 (WEB, source: nvd)
- issues.redhat.com/browse/WFLY-19226 (WEB, source: nvd)