VDB
KO
HIGH 7.7

GHSA-794g-x443-36f7

Keycloak: Unauthorized access via improper validation of encrypted SAML assertions

Details

Keycloak's SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response, injecting an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.

Are you affected?

Enter the version of the package you're using.

Affected packages

Maven / org.keycloak:keycloak-services
Introduced in: 0

No fixed version published yet for org.keycloak:keycloak-services (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.keycloak:keycloak-services
Introduced in: 26.3.0

No fixed version published yet for org.keycloak:keycloak-services (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.keycloak:keycloak-services
Introduced in: 26.5.0

No fixed version published yet for org.keycloak:keycloak-services (maven). Pin to a known-safe version or switch to an alternative.

References