[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-1233":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T08:55:34.825Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":26,"downstream":27,"duplicates":42,"related":43,"reserved_at":9,"published_at":44,"modified_at":45,"state":46,"summary":47,"references_raw":56,"kevs":134,"epss":135,"epss_history":138,"metrics":401,"affected":411},"CVE-2024-1233","A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-918","Server-Side Request Forgery (SSRF)","The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.","weakness","Incomplete","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-664","Server Side Request Forgery",[],[],[25],"GHSA-v4mm-q8fv-r2w5",[],[28,30,32,34,36,38,40],{"_key":29},"RHSA-2024:3559",{"_key":31},"RHSA-2024:3560",{"_key":33},"RHSA-2024:3561",{"_key":35},"RHSA-2024:3580",{"_key":37},"RHSA-2024:3581",{"_key":39},"RHSA-2025:9582",{"_key":41},"RHSA-2025:9583",[],[],"2024-04-09T07:01:47.673Z","2025-12-01T12:49:56.281Z","Deferred",{"cisa_kev":48,"cisa_ransomware":48,"cisa_vendor":9,"epss_severity":49,"epss_score":50,"severity":51,"severity_score":52,"severity_version":53,"severity_source":54,"severity_vector":55,"severity_status":46},false,"low",0.00177,"high",7.3,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",[57,66,70,74,78,82,86,90,94,98,103,108,112,116,120,125,129],{"url":58,"sources":59,"tags":62},"https://access.redhat.com/errata/RHSA-2024:3559",[54,60,61],"nvd","osv_maven",[63,64,65],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":67,"sources":68,"tags":69},"https://access.redhat.com/errata/RHSA-2024:3560",[54,60,61],[63,64,65],{"url":71,"sources":72,"tags":73},"https://access.redhat.com/errata/RHSA-2024:3561",[54,60,61],[63,64,65],{"url":75,"sources":76,"tags":77},"https://access.redhat.com/errata/RHSA-2024:3563",[54,60,61],[63,64,65],{"url":79,"sources":80,"tags":81},"https://access.redhat.com/errata/RHSA-2024:3580",[54,60,61],[63,64,65],{"url":83,"sources":84,"tags":85},"https://access.redhat.com/errata/RHSA-2024:3581",[54,60,61],[63,64,65],{"url":87,"sources":88,"tags":89},"https://access.redhat.com/errata/RHSA-2024:3583",[54,60,61],[63,64,65],{"url":91,"sources":92,"tags":93},"https://access.redhat.com/errata/RHSA-2025:9582",[54,60,61],[63,64,65],{"url":95,"sources":96,"tags":97},"https://access.redhat.com/errata/RHSA-2025:9583",[54,60,61],[63,64,65],{"url":99,"sources":100,"tags":101},"https://access.redhat.com/security/cve/CVE-2024-1233",[54,60,61],[102,64,65],"VDB Entry",{"url":104,"sources":105,"tags":106},"https://bugzilla.redhat.com/show_bug.cgi?id=2262849",[54,60,61],[107,64,65],"Issue Tracking",{"url":109,"sources":110,"tags":111},"https://github.com/advisories/GHSA-v4mm-q8fv-r2w5",[54,60],[],{"url":113,"sources":114,"tags":115},"https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523",[54,60,61],[65],{"url":117,"sources":118,"tags":119},"https://issues.redhat.com/browse/WFLY-19226",[54,60,61],[65],{"url":121,"sources":122,"tags":123},"https://nvd.nist.gov/vuln/detail/CVE-2024-1233",[61],[124],"Advisory",{"url":126,"sources":127,"tags":128},"https://github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62",[61],[65],{"url":130,"sources":131,"tags":132},"https://github.com/wildfly-security/wildfly-elytron",[61],[133],"PACKAGE",[],{"date":136,"score":50,"percentile":137},"2026-06-05",0.39071,[139,143,146,149,152,155,158,161,164,167,170,173,176,179,181,185,188,191,194,197,200,203,206,209,212,215,218,221,224,227,229,232,235,238,241,244,247,250,253,256,259,261,264,267,270,273,276,279,281,283,286,289,292,295,298,300,302,305,307,310,313,316,319,322,325,327,330,333,336,339,342,345,348,350,353,356,359,362,365,368,371,374,377,380,383,386,389,392,395,398],{"date":140,"score":141,"percentile":142},"2025-11-04",0.00182,0.40235,{"date":144,"score":50,"percentile":145},"2025-11-05",0.39585,{"date":147,"score":50,"percentile":148},"2025-11-06",0.39592,{"date":150,"score":50,"percentile":151},"2025-11-07",0.39617,{"date":153,"score":50,"percentile":154},"2025-11-08",0.3961,{"date":156,"score":50,"percentile":157},"2025-11-09",0.39594,{"date":159,"score":50,"percentile":160},"2025-11-10",0.39557,{"date":162,"score":50,"percentile":163},"2025-11-11",0.39576,{"date":165,"score":50,"percentile":166},"2025-11-12",0.39609,{"date":168,"score":50,"percentile":169},"2025-11-13",0.39625,{"date":171,"score":50,"percentile":172},"2025-11-14",0.39627,{"date":174,"score":50,"percentile":175},"2025-11-15",0.39622,{"date":177,"score":50,"percentile":178},"2025-11-16",0.39603,{"date":180,"score":50,"percentile":163},"2025-11-17",{"date":182,"score":183,"percentile":184},"2025-11-18",0.00823,0.72345,{"date":186,"score":183,"percentile":187},"2025-11-19",0.72353,{"date":189,"score":183,"percentile":190},"2025-11-20",0.72362,{"date":192,"score":50,"percentile":193},"2025-11-21",0.39578,{"date":195,"score":50,"percentile":196},"2025-11-22",0.39579,{"date":198,"score":50,"percentile":199},"2025-11-23",0.3955,{"date":201,"score":50,"percentile":202},"2025-11-24",0.39539,{"date":204,"score":50,"percentile":205},"2025-11-25",0.39552,{"date":207,"score":50,"percentile":208},"2025-11-26",0.39545,{"date":210,"score":50,"percentile":211},"2025-11-27",0.39555,{"date":213,"score":50,"percentile":214},"2025-11-28",0.3953,{"date":216,"score":50,"percentile":217},"2025-11-29",0.39504,{"date":219,"score":50,"percentile":220},"2025-11-30",0.39482,{"date":222,"score":50,"percentile":223},"2025-12-01",0.39605,{"date":225,"score":50,"percentile":226},"2025-12-02",0.39611,{"date":228,"score":50,"percentile":226},"2025-12-03",{"date":230,"score":50,"percentile":231},"2025-12-04",0.39477,{"date":233,"score":50,"percentile":234},"2025-12-05",0.39511,{"date":236,"score":50,"percentile":237},"2025-12-06",0.39508,{"date":239,"score":50,"percentile":240},"2025-12-07",0.39486,{"date":242,"score":50,"percentile":243},"2025-12-08",0.39502,{"date":245,"score":50,"percentile":246},"2025-12-09",0.3954,{"date":248,"score":50,"percentile":249},"2025-12-10",0.39602,{"date":251,"score":50,"percentile":252},"2025-12-11",0.3963,{"date":254,"score":50,"percentile":255},"2025-12-12",0.39664,{"date":257,"score":50,"percentile":258},"2025-12-13",0.3964,{"date":260,"score":50,"percentile":178},"2025-12-14",{"date":262,"score":50,"percentile":263},"2025-12-15",0.39584,{"date":265,"score":50,"percentile":266},"2025-12-16",0.39614,{"date":268,"score":50,"percentile":269},"2025-12-17",0.39659,{"date":271,"score":50,"percentile":272},"2025-12-18",0.39704,{"date":274,"score":50,"percentile":275},"2025-12-19",0.3972,{"date":277,"score":50,"percentile":278},"2025-12-20",0.397,{"date":280,"score":50,"percentile":269},"2025-12-21",{"date":282,"score":50,"percentile":252},"2025-12-22",{"date":284,"score":50,"percentile":285},"2025-12-23",0.39637,{"date":287,"score":50,"percentile":288},"2025-12-24",0.39655,{"date":290,"score":50,"percentile":291},"2025-12-25",0.39707,{"date":293,"score":50,"percentile":294},"2025-12-26",0.39686,{"date":296,"score":50,"percentile":297},"2025-12-27",0.3971,{"date":299,"score":50,"percentile":223},"2025-12-28",{"date":301,"score":50,"percentile":196},"2025-12-29",{"date":303,"score":50,"percentile":304},"2025-12-30",0.39568,{"date":306,"score":50,"percentile":175},"2025-12-31",{"date":308,"score":50,"percentile":309},"2026-01-01",0.3977,{"date":311,"score":50,"percentile":312},"2026-01-02",0.39747,{"date":314,"score":50,"percentile":315},"2026-01-03",0.39738,{"date":317,"score":50,"percentile":318},"2026-01-04",0.39574,{"date":320,"score":50,"percentile":321},"2026-01-05",0.39548,{"date":323,"score":50,"percentile":324},"2026-01-06",0.39551,{"date":326,"score":50,"percentile":163},"2026-01-07",{"date":328,"score":50,"percentile":329},"2026-01-08",0.39601,{"date":331,"score":50,"percentile":332},"2026-01-09",0.39587,{"date":334,"score":50,"percentile":335},"2026-01-10",0.39586,{"date":337,"score":50,"percentile":338},"2026-01-11",0.39564,{"date":340,"score":50,"percentile":341},"2026-01-12",0.39515,{"date":343,"score":50,"percentile":344},"2026-01-13",0.39498,{"date":346,"score":50,"percentile":347},"2026-01-14",0.39546,{"date":349,"score":50,"percentile":202},"2026-01-15",{"date":351,"score":50,"percentile":352},"2026-01-16",0.3956,{"date":354,"score":50,"percentile":355},"2026-01-17",0.39532,{"date":357,"score":50,"percentile":358},"2026-01-18",0.39485,{"date":360,"score":50,"percentile":361},"2026-01-19",0.39457,{"date":363,"score":50,"percentile":364},"2026-01-20",0.39438,{"date":366,"score":50,"percentile":367},"2026-01-21",0.39434,{"date":369,"score":50,"percentile":370},"2026-01-22",0.39423,{"date":372,"score":50,"percentile":373},"2026-01-23",0.39484,{"date":375,"score":50,"percentile":376},"2026-01-24",0.39491,{"date":378,"score":50,"percentile":379},"2026-01-25",0.39442,{"date":381,"score":50,"percentile":382},"2026-01-26",0.39385,{"date":384,"score":50,"percentile":385},"2026-01-27",0.39384,{"date":387,"score":50,"percentile":388},"2026-01-28",0.39379,{"date":390,"score":50,"percentile":391},"2026-01-29",0.39357,{"date":393,"score":50,"percentile":394},"2026-01-30",0.3936,{"date":396,"score":50,"percentile":397},"2026-01-31",0.39367,{"date":399,"score":50,"percentile":400},"2026-02-01",0.39472,[402,407,409],{"source":54,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":403,"cvss_v4_0":9},{"baseScore":52,"baseSeverity":404,"vectorString":55,"impactScore":405,"exploitabilityScore":406},"HIGH",5.7,10,{"source":60,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":408,"cvss_v4_0":9},{"baseScore":52,"baseSeverity":404,"vectorString":55,"impactScore":405,"exploitabilityScore":406},{"source":61,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":410,"cvss_v4_0":9},{"baseScore":52,"baseSeverity":9,"vectorString":55,"impactScore":405,"exploitabilityScore":406},[412],{"ecosystem":413,"name":414,"vendor":415,"product":416,"cpe_part":9,"purl_type":417,"purl_namespace":415,"purl_name":416,"source":9,"versions":418},"Maven","org.wildfly.security:wildfly-elytron-realm-token","org.wildfly.security","wildfly-elytron-realm-token","maven",[419],{"version":420,"is_range":421,"range_type":422,"version_start":9,"version_start_type":9,"version_end":423,"version_end_type":424,"fixed_in":9},"lte2_4_0_CR1",true,"ecosystem","2.4.0.CR1","including"]