CVE-2024-12369
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-12369
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-12369.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-12369
- Aliases
- Downstream
- Related
- Published
- 2024-12-09T21:15:08.203Z
- Modified
- 2025-11-15T15:18:30.226300Z
- Severity
-
- 4.2 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability was found in OIDC-Client. When using the RH SSO OIDC adapter with EAP 7.x or when using the elytron-oidc-client subsystem with EAP 8.x, authorization code injection attacks can occur, allowing an attacker to inject a stolen authorization code into the attacker's own session with the client with a victim's identity. This is usually done with a Man-in-the-Middle (MitM) or phishing attack.
- References
-
- https://access.redhat.com/security/cve/CVE-2024-12369
- https://access.redhat.com/errata/RHSA-2025:3989
- https://bugzilla.redhat.com/show_bug.cgi?id=2331178
- https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb
- https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb
- https://github.com/wildfly-security/wildfly-elytron/pull/2253
- https://github.com/wildfly-security/wildfly-elytron/pull/2261
Affected packages
Git / github.com/wildfly-security/wildfly-elytron
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wildfly-security/wildfly-elytron
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
1.*
1.0.0.Alpha1
1.0.0.Alpha2
1.0.0.Alpha3
1.0.0.Alpha4
1.0.0.Beta1
1.0.0.Beta2
1.0.0.Beta3
1.0.0.Beta4
1.0.0.Beta5
1.0.0.Beta6
1.0.0.Beta7
1.0.0.Beta8
1.0.0.Beta9
1.0.0.CR2
1.0.0.CR3
1.0.0.CR4
1.0.1.CR1
1.0.4.CR1
1.0.5.Final
1.0.6.Final
1.0.7.Final
1.0.8.Final
1.0.9.Final
1.1.0.Alpha1
1.1.0.Beta1
1.1.0.Beta10
1.1.0.Beta11
1.1.0.Beta12
1.1.0.Beta13
1.1.0.Beta14
1.1.0.Beta15
1.1.0.Beta16
1.1.0.Beta17
1.1.0.Beta18
1.1.0.Beta19
1.1.0.Beta2
1.1.0.Beta20
1.1.0.Beta21
1.1.0.Beta22
1.1.0.Beta23
1.1.0.Beta24
1.1.0.Beta25
1.1.0.Beta26
1.1.0.Beta27
1.1.0.Beta28
1.1.0.Beta29
1.1.0.Beta3
1.1.0.Beta30
1.1.0.Beta31
1.1.0.Beta32
1.1.0.Beta33
1.1.0.Beta34
1.1.0.Beta35
1.1.0.Beta36
1.1.0.Beta37
1.1.0.Beta38
1.1.0.Beta39
1.1.0.Beta4
1.1.0.Beta40
1.1.0.Beta41
1.1.0.Beta42
1.1.0.Beta43
1.1.0.Beta44
1.1.0.Beta45
1.1.0.Beta46
1.1.0.Beta47
1.1.0.Beta48
1.1.0.Beta49
1.1.0.Beta5
1.1.0.Beta50
1.1.0.Beta51
1.1.0.Beta52
1.1.0.Beta53
1.1.0.Beta54
1.1.0.Beta55
1.1.0.Beta6
1.1.0.Beta7
1.1.0.Beta8
1.1.0.Beta9
1.1.0.CR1
1.1.0.CR2
1.1.0.CR3
1.1.0.CR4
1.1.0.CR5
1.1.0.CR6
1.1.0.Final
1.1.1.Final
1.1.10.Final
1.1.11.Final
1.1.12.Final
1.1.13.Final
1.1.2.CR1
1.1.2.Final
1.1.3.Final
1.1.4.Final
1.1.5.Final
1.1.6.Final
1.1.7.Final
1.1.8.Final
1.1.9.Final
1.10.0.CR1
1.10.0.CR2
1.10.0.CR3
1.10.0.CR4
1.10.0.CR5
1.10.0.CR6
1.10.0.Final
1.10.1.Final
1.10.10.Final
1.10.11.Final
1.10.12.Final
1.10.13.Final
1.10.14.Final
1.10.15.Final
1.10.2.Final
1.10.3.Final
1.10.4.Final
1.10.5.Final
1.10.6.Final
1.10.7.Final
1.10.8.Final
1.10.9.Final
1.11.0.CR1
1.11.0.CR2
1.11.0.CR3
1.11.0.CR4
1.11.0.CR5
1.11.0.Final
1.11.1.Final
1.11.2.Final
1.11.3.Final
1.11.4.Final
1.12.0.CR1
1.12.0.CR2
1.12.0.CR3
1.12.0.Final
1.12.1.Final
1.13.0.CR1
1.13.0.CR2
1.13.0.CR3
1.13.0.CR4
1.13.0.Final
1.13.1.Final
1.13.2.Final
1.14.0.Final
1.14.1.Final
1.14.2.Final
1.15.0.CR1
1.15.0.Final
1.15.1.Final
1.15.10.Final
1.15.11.Final
1.15.12.Final
1.15.13.Final
1.15.14.Final
1.15.15.Final
1.15.16.Final
1.15.17.Final
1.15.18.Final
1.15.19.Final
1.15.2.Final
1.15.20.Final
1.15.21.Final
1.15.22.Final
1.15.23.Final
1.15.24.Final
1.15.25.Final
1.15.3.Final
1.15.4.Final
1.15.5.Final
1.15.6.Final
1.15.7.Final
1.15.8.Final
1.15.9.Final
1.16.0.CR1
1.16.0.Final
1.16.1.Final
1.17.0.Final
1.17.1.Final
1.17.2.Final
1.17.3.Final
1.18.0.Final
1.18.1.Final
1.18.2.Final
1.18.3.Final
1.19.0.Final
1.19.1.Final
1.2.0.Beta1
1.2.0.Beta10
1.2.0.Beta11
1.2.0.Beta12
1.2.0.Beta2
1.2.0.Beta3
1.2.0.Beta4
1.2.0.Beta5
1.2.0.Beta6
1.2.0.Beta7
1.2.0.Beta8
1.2.0.Beta9
1.2.0.Final
1.2.1.Final
1.2.1.SP1
1.2.2.Final
1.2.2.SP1
1.2.2.SP2
1.2.3.Final
1.2.3.SP1
1.2.4.Final
1.20.0.Final
1.20.1.Final
1.20.2.Final
1.20.3.Final
1.20.4.Final
1.3.0.Final
1.3.1.Final
1.3.2.Final
1.3.3.Final
1.4.0.Final
1.4.1.Final
1.5.0.Final
1.5.1.Final
1.5.2.Final
1.5.3.Final
1.5.4.Final
1.5.5.Final
1.6.0.CR1
1.6.0.Final
1.6.1.Final
1.6.2.Final
1.6.3.Final
1.6.4.Final
1.6.5.Final
1.6.6.Final
1.6.7.Final
1.6.8.Final
1.7.0.CR1
1.7.0.CR2
1.7.0.CR3
1.7.0.Final
1.8.0.CR1
1.8.0.CR2
1.8.0.Final
1.9.0.CR1
1.9.0.CR2
1.9.0.CR3
1.9.0.CR4
1.9.0.CR5
1.9.0.Final
1.9.1.Final
2.*
2.0.0.Beta1
2.0.0.Beta2
2.0.0.Beta3
2.0.0.Final
2.1.0.Final
2.2.0.Final
2.2.1.Final
2.2.2.Final
2.2.3.Final
2.2.4.Final
2.2.5.Final
2.2.6.Final
2.2.7.Final
2.2.8.Final
2.3.0.Final
2.3.1.Final
2.4.0.CR1
2.4.0.Final
2.4.1.Final
2.4.2.Final
2.5.0.CR1
2.5.0.Final
2.5.1.Final
2.5.2.Final
2.6.0.Final
2.6.1.Final
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "220613399839932382166913887484573394048",
"length": 424.0
},
"id": "CVE-2024-12369-10e721fc",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java",
"function": "completeAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "116218383956746026852900839944780661515",
"length": 223.0
},
"id": "CVE-2024-12369-1115feab",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RefreshableOidcSecurityContext.java",
"function": "RefreshableOidcSecurityContext"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"69535654251659651304229970074869770264",
"330415010779261880060074713673144868820",
"231934704386096521685404426498805277983",
"12838395641802081472841848624853758681",
"228972590863593484394017598794083538948",
"299231361255463893595589929501632781946",
"136293259684653726774406408164966965772",
"16590179561628504516016370750338320316",
"130865740470394425981587258003621363522",
"208478521986192242738070696134833423160",
"258947852876596672232443942706928824658",
"68714735052028492711791978024576373757",
"48255351513541641423937144741667928865",
"182404101621277672663403023489877711249",
"241216613448076989641050048237767380656",
"30728454966704875894617193173330824661",
"273154943107220428879039135451062759460",
"290674750735804859308875103113478422723",
"287750074173360488214654026447368572782",
"235859062430984420034087992657545813961",
"296444102860823749475092893822423823714",
"198553124608645521192694036489621753670",
"49014019552815173711564250453509554073",
"334376168358238660924100313823822715313",
"231523653533033117923365856485151956421",
"121207220594380088242039674248741788961",
"40471314311458331849162152178119000343",
"59663124343543100690750128061985070671",
"142133041285180676510455383301973282409",
"193661956268025203352276980749868529839",
"262475208531399837225427817358865607413",
"195218902827374496823186427580063762869"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-129555d1",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "4205295703123772088395400544692402306",
"length": 234.0
},
"id": "CVE-2024-12369-1cd10c27",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java",
"function": "performAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "65228376471451566205353555815516620535",
"length": 837.0
},
"id": "CVE-2024-12369-207cc473",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "loginRedirect"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "160689677188943342777583188133125557353",
"length": 341.0
},
"id": "CVE-2024-12369-266c8d66",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "getRealmIdentityRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "68516662692742804186866513347320315628",
"length": 930.0
},
"id": "CVE-2024-12369-26d23d60",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityRolesCombined"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"164352820973554176527576506452489113648",
"135242687274953542515763303714924141817",
"261714749640425436589946606141812970889",
"74293470066429210173219621224859481777",
"67629780131144002266731252159956448978",
"65201360194039339605971959628341752804",
"242305472911248136142025172227713167258",
"250487684707614580237445510454852926873",
"54106469466353324700315398161491475251",
"126293394502475088838336245092095208478",
"82570965973357811387556747485797408544",
"323948519449556011056403856144928958841",
"41307923329173557036602614428055042203",
"100972095888587539798942424146736505755"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-29bd0a3d",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "105858689382914364671921159586134155199",
"length": 817.0
},
"id": "CVE-2024-12369-2cb1bdb8",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityOnlyResourceRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "139180544625932942548132186225537021207",
"length": 241.0
},
"id": "CVE-2024-12369-2ccc40ab",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java",
"function": "performAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"288524698675306644723569348204758792620",
"282168368057332025763495844387795907268",
"179635000284787528848592917431711415342",
"299014118442108562638307337700606673234",
"212258042317897734270683930772686193447",
"20832414516590539969934840852292612964",
"308046284038672182936971587792790975055",
"85236861520975974865676861923405127111"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-2dda90bc",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcCookieTokenStore.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"228871583824144882252609807757031050855",
"288387720175417626171589360360607203563",
"195240338149754339139559875461568687293"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-2e71a351",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "286419831583110663845817603035875072843",
"length": 43.0
},
"id": "CVE-2024-12369-308c5cb7",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java",
"function": "getValue"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"76168101289613678615897602623287796485",
"307752361912014437783578310854951312847",
"195240338149754339139559875461568687293"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-338065e8",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "70164525431685962373803401333081590983",
"length": 897.0
},
"id": "CVE-2024-12369-35ea4ae3",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java",
"function": "TestingHttpServerRequest"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "46724056376778402555707616746073619335",
"length": 489.0
},
"id": "CVE-2024-12369-380d6534",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java",
"function": "completeAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "257084448931164605774335014990953181121",
"length": 241.0
},
"id": "CVE-2024-12369-385a7aa8",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java",
"function": "performAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"186759154650692938466309540965151164389",
"118261962183534149134275851759870612236",
"251788996634320137772049537062096932682",
"42541277339869166450009623798903341840",
"291338714051018904960738668644447461937",
"81933640762370707408773790308431588676",
"225268047124763416815565227364549306",
"301982488162273934438220001429110925491",
"203897584594973028030784640322284100346",
"247433914233179279971447364933335158126",
"248000679060004979339319231531163826671",
"50198239808222076376368149925866466972",
"334371846005196853196023878941920238360",
"92704645530880625949254360938887906817",
"34011796764937166576656673416769510552",
"196391672131923114221762268925362502139"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-3cae682b",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"278881955487672719577259676704596271241",
"24101099481795870557647905629275780256",
"198237578266508463309573431631478890529",
"13150513533043205529732620130540447192",
"226557975447543108518685765601156978083",
"181725778333325384503152076399240257682",
"306318851207517108727948268876337958937",
"247569928845233455518587240359426712394",
"293461510209477389748880396114341934073",
"18220086655477477726540768933300204009",
"218007505522267445595807182271759846813",
"139170029016076468874524154466760919006",
"308281338690827578372107079634228254787",
"97992104200008905028243531132763683922",
"170636196867292817356224579844664013821",
"138340483703306406003746070778317566492",
"71905966254119553501889294579169350230",
"20276845718902685268594879600625346135",
"40493134828772527881702958918864430469",
"128254289824916946551814556089366740393",
"316201307628646380768845444838632164462",
"215123767270249889252641166815593481566",
"147535537465822353972447036771398352314",
"295447542853456882129269296584144086664",
"182562076196135663014180257764389342648",
"267454258959054769400346506513851819536",
"56691028257114059191939909327703548114",
"80148831254863069025330781514553599381",
"184528295907085071863671071695128662129",
"230247960978573998792695174096035018757",
"183293341765990239999282532316786845006",
"187429335075138992308974869453806653453",
"75767214883344513442194598233095215276",
"153170817415595235757352985396423138839",
"339180856155205750569057044074594407178",
"3061145291224234065647276680733710926",
"112281385015752418163076419586966723419",
"244125084856819352952595829882912148068",
"321682005567724920098752730733460903750"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-47027998",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"164352820973554176527576506452489113648",
"135242687274953542515763303714924141817",
"261714749640425436589946606141812970889",
"74293470066429210173219621224859481777",
"67629780131144002266731252159956448978",
"65201360194039339605971959628341752804",
"242305472911248136142025172227713167258",
"250487684707614580237445510454852926873",
"54106469466353324700315398161491475251",
"126293394502475088838336245092095208478",
"82570965973357811387556747485797408544",
"323948519449556011056403856144928958841",
"41307923329173557036602614428055042203",
"100972095888587539798942424146736505755"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-4d327f0d",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "192427365438496868364428461167466004521",
"length": 35.0
},
"id": "CVE-2024-12369-55315f99",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java",
"function": "getMaxAge"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"46990481080453138365621757031629699562",
"286184350822712901707583039119788485581",
"224744594413341555540436023851858342745",
"137591569954305884465048452355653911214",
"123651186828714963841256675713383531329",
"86961497869144296653708864698733575051",
"113134053992655220223207022517578277518",
"94674901133967888671352036810383189797",
"155514942044128316721102733540964583603",
"31951716560906498195833603266285873060",
"117895526609515411067551445619533532865",
"203039240783764646234371518220805647242",
"213540957615494008853195824535877028119",
"282561073129602664204904533200553204144",
"66628523529268530518893449720115775663",
"186298078445793815463913510601535216478",
"216503490224005441192014648426350577640",
"120146648624689815348143282117939611750",
"102715412356406950219770955940244365114"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-56913bdb",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/Oidc.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "36683354142632982626742160485603662321",
"length": 785.0
},
"id": "CVE-2024-12369-58c27be5",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityOnlyRealmRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "177435625112964364489518736964050024655",
"length": 2369.0
},
"id": "CVE-2024-12369-58f424da",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "resolveCode"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "309068364252661335950531724203664651722",
"length": 467.0
},
"id": "CVE-2024-12369-6025893f",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "challenge"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "309068364252661335950531724203664651722",
"length": 467.0
},
"id": "CVE-2024-12369-60941e01",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "challenge"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "69366455371087857547955233082281720840",
"length": 730.0
},
"id": "CVE-2024-12369-613612e0",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityNoMappings"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "126105845440559817537642205612147586082",
"length": 219.0
},
"id": "CVE-2024-12369-6189a4da",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java",
"function": "performAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "65228376471451566205353555815516620535",
"length": 837.0
},
"id": "CVE-2024-12369-63bcf96b",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "loginRedirect"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "116218383956746026852900839944780661515",
"length": 223.0
},
"id": "CVE-2024-12369-64d6582e",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RefreshableOidcSecurityContext.java",
"function": "RefreshableOidcSecurityContext"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"268873055245350172250785662898429108447",
"324879427243895261320471488983601967578",
"107183555062867207415833163082721986815",
"212634970704147937142771851429114766567",
"116660459011670979136773439510133857991",
"48263760269903398255723643390440757185",
"122029972488610752151493750253619657863",
"222090141066277685097761910919138157619",
"66380825739774977987453374616742168531",
"20684103243788891989947831466925880461",
"130194929018526183987684614604875525938",
"306759839398305321219430049979295012785",
"134045004304821046980495944887056463972",
"90621416273025574235743324739724378403",
"63572470912871529379447124790834663668",
"201134047030742507008738550358058081026",
"112995405596757409284694869699939927981",
"267295527286830645259280048089785404855",
"185866492476847064550119148177469620859",
"265039492908251543084144334916044332972",
"135308059404547608962231479833858212165",
"127187613390752525373127396019590464632",
"126674565587646546789949933006349580911",
"66873549429931289528323760658624975710",
"114211567774696788707531850982452332449",
"324527474826525967600013618325407004895",
"237822724988787138655140839789562723041",
"208702320902294044975599336560109688720",
"171538130335226830033306091907218859245",
"214159812684724731449845156236450232432",
"20905554912486344153218679414016480402",
"185175989624170838692519174947223546272",
"53724230800776852843691535316362616916",
"35362639287074878842743017323481200337",
"50852452036261996598906523995121283017",
"113483596274231804315026810184057769994",
"85001545791893972071862242737506662351",
"193945555105656936453847297800470789796",
"183325986263730029783145769233746546977"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-66de9e65",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"337621354626004827141601182787996232238",
"166071988988410361957605972314150179732"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-67f0436d",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"91615617555474633915830402933986773627"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-68bbd126",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "177435625112964364489518736964050024655",
"length": 2369.0
},
"id": "CVE-2024-12369-68db1621",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "resolveCode"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "238544792827668015262369228992220887796",
"length": 1067.0
},
"id": "CVE-2024-12369-72fc9905",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java",
"function": "performAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "235652422565837539393734209623310715871",
"length": 35.0
},
"id": "CVE-2024-12369-74884bb4",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java",
"function": "getPath"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "36683354142632982626742160485603662321",
"length": 785.0
},
"id": "CVE-2024-12369-74f973a1",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityOnlyRealmRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "205802012301759987313827704860348137721",
"length": 518.0
},
"id": "CVE-2024-12369-76509be5",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java",
"function": "TestingHttpServerRequest"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "270326665165896405856305551718903371598",
"length": 480.0
},
"id": "CVE-2024-12369-78c2b885",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "createRequestWithRequestParameter"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "165667278144846827925876047158529826618",
"length": 858.0
},
"id": "CVE-2024-12369-7a477a96",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "convertToRequestParameter"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"288524698675306644723569348204758792620",
"282168368057332025763495844387795907268",
"179635000284787528848592917431711415342",
"299014118442108562638307337700606673234",
"212258042317897734270683930772686193447",
"20832414516590539969934840852292612964",
"308046284038672182936971587792790975055",
"85236861520975974865676861923405127111"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-7ac0efc4",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcCookieTokenStore.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"304626163264338505981098803575455052474",
"44591562611330052497992176296122242584",
"213344953103258583527481988820833492818",
"63642341349873480733158931737714738765",
"15732270158938193896592097013446411900"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-8160b4c0",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/IDToken.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "261711482614370740184490862556749848003",
"length": 263.0
},
"id": "CVE-2024-12369-818cd2fe",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java",
"function": "performAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"105949293426056879137656839666477374063",
"232248752247330501131763892807131864884",
"143127061027920366386701536727267893960",
"254202665306173189082075769719462171234",
"164309314661800894405232194059683705795",
"33265527623806013003403807801743449542",
"66420200929214421020212358263933493139",
"71077174673116048927274323698140630858",
"164309314661800894405232194059683705795",
"33265527623806013003403807801743449542",
"66420200929214421020212358263933493139",
"72293609849605992514232623897143273839",
"38834897982410032815873222200443578555",
"311452983295801480480476964044127484846",
"230539607815197655308612846047388772561",
"72293609849605992514232623897143273839",
"38834897982410032815873222200443578555",
"311452983295801480480476964044127484846",
"230539607815197655308612846047388772561",
"72293609849605992514232623897143273839",
"7040118202646684626795253009323146002",
"63131815114665627064618291592664455739",
"101702460410764202628645328835161966631",
"71077174673116048927274323698140630858"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-828af725",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "165532687791302378919126006243695941977",
"length": 185.0
},
"id": "CVE-2024-12369-86ea33bf",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "createOAuthRequest"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "105858689382914364671921159586134155199",
"length": 817.0
},
"id": "CVE-2024-12369-8acb6188",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityOnlyResourceRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"304626163264338505981098803575455052474",
"44591562611330052497992176296122242584",
"213344953103258583527481988820833492818",
"63642341349873480733158931737714738765",
"15732270158938193896592097013446411900"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-8acbb45a",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/IDToken.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"245842994761640523996125471510474957577",
"25797863598981552117626286552031311018",
"220479070287369813333115790179346431642",
"324879427243895261320471488983601967578",
"232839931364848108491645957256670135238",
"333345603874583901878618613877499944361",
"259716229928484047103644980469579801083",
"48263760269903398255723643390440757185",
"22356419305651689006311778196010244287",
"85114666733888844430332440636939314778",
"145359083642545006352714110891688447025",
"245988327255626131940198238354844263659",
"187391153723367000757365855422073064063",
"32255158861960852719792841912097583996",
"272794758889267213462734928635492542765",
"19626255031280976704210926772894537075",
"63572470912871529379447124790834663668",
"201134047030742507008738550358058081026",
"112995405596757409284694869699939927981",
"267295527286830645259280048089785404855",
"185866492476847064550119148177469620859",
"265039492908251543084144334916044332972",
"135308059404547608962231479833858212165",
"142325027475985966484577120505580067077",
"111520051688979012213072029957908979683",
"248827863220309736677048746875893284565",
"203825123278430065063590555279249430532",
"149536985464774500124873716734375755792",
"90318607497633622629362863101155561591",
"214752603677681870264796656388296602063",
"56730075577321152758786935276419676892",
"265850324026311886360362371467681986642",
"262475525274033122177346879225368089753",
"319657603662982517884152873761609431872",
"45218791037054100791508288627258465439",
"291812800817669575562465484025556750689",
"148635318020636184619106234365136762443",
"175724131702149908440420095724165399565",
"233855901022890524965940002133727803060",
"65882426521881623952942870667212974751",
"48034751239959381969369014610119979622",
"214752603677681870264796656388296602063",
"56730075577321152758786935276419676892",
"265850324026311886360362371467681986642",
"244109700289877932029136943287895288502",
"327406803438194422679179585225848525118",
"131729852850479575452651482343647411121",
"274560171887558634485454608655509192465",
"40501333824782851370691128800498149718",
"282665875049214890070207003852286167075",
"243559295293855201010177912597460128036",
"194776014644134027044573904791649570473",
"289220739728364224967364983120292104899",
"51951437607212218818825835383527846430",
"7033098177579187178423678754218117334",
"270040455944300324861823912814811230556",
"6058497311735619060808813958595864048",
"316953799758103468892887159705399350092",
"261863551953108195434237082459734697949",
"207806687961354427165361631110687818877",
"324527474826525967600013618325407004895",
"237822724988787138655140839789562723041",
"208702320902294044975599336560109688720",
"171538130335226830033306091907218859245",
"214159812684724731449845156236450232432",
"20905554912486344153218679414016480402",
"185175989624170838692519174947223546272",
"53724230800776852843691535316362616916",
"293767584432330124813220217694768174290",
"131994545459393394784858487303968778442",
"233124514153311426316295086988647861513",
"126625808141238755365988490012460102253",
"35362639287074878842743017323481200337",
"50852452036261996598906523995121283017",
"113483596274231804315026810184057769994",
"85001545791893972071862242737506662351",
"233969628722561272107949204739462904087",
"315283710550602470999087792982500814680",
"233205750668433915168527018787079298118",
"86514924834517771551699878905037872838",
"242006887778957007519008326324245491041",
"306043940347297904145023110416617444297",
"166931073052465215482856916449379021666",
"1034058886426495943848120337542082963",
"312670942268852686918590426203549100047",
"110148923926413522137710317270018930819",
"27880095781534496745917987100883844167",
"169663583961854736094135160436821528423",
"232503873370485064447067103587958576472",
"117059750106193891738406420487093724570",
"337942603908709542147591239124014312984",
"257916373179484546319040080479041550622",
"61769782431687004229994009207476455184",
"92236867104061077422221012322771830024",
"1129718138146871005173624187010320011",
"93789159007136724160320861304468098032"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-8cc1258c",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "181833768897886357889752169681743503276",
"length": 1349.0
},
"id": "CVE-2024-12369-97f32f1e",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcCookieTokenStore.java",
"function": "getPrincipalFromCookie"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"72745434322177258829262075051047542216",
"275500312320328485969432895385049840529",
"282755876633450526159032235343173544046",
"278881955487672719577259676704596271241",
"24101099481795870557647905629275780256",
"144426491347199408017089754053843602264",
"31553924615133728802727786509203900739",
"131677076317042642715547375675942155817",
"279157261928177039164322057627183603442"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-999dfc0a",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "156051885533212066543678093128560867215",
"length": 727.0
},
"id": "CVE-2024-12369-9c9e1b9e",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityNoRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "243136550232012937962783171821179402168",
"length": 42.0
},
"id": "CVE-2024-12369-a1cd6343",
"signature_version": "v1",
"target": {
"file": "tests/base/src/test/java/org/wildfly/security/http/impl/AbstractBaseHttpTest.java",
"function": "getName"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "160689677188943342777583188133125557353",
"length": 341.0
},
"id": "CVE-2024-12369-a2b07887",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "getRealmIdentityRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "68516662692742804186866513347320315628",
"length": 930.0
},
"id": "CVE-2024-12369-a6c7241c",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityRolesCombined"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "200613114472647506350750706401870924104",
"length": 827.0
},
"id": "CVE-2024-12369-a8c584bc",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java",
"function": "parseAndVerifyToken"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "181833768897886357889752169681743503276",
"length": 1349.0
},
"id": "CVE-2024-12369-ab719a88",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcCookieTokenStore.java",
"function": "getPrincipalFromCookie"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "46724056376778402555707616746073619335",
"length": 489.0
},
"id": "CVE-2024-12369-acd74f49",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java",
"function": "completeAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "153530352083947472613851388539780378038",
"length": 1877.0
},
"id": "CVE-2024-12369-b0d936d8",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RefreshableOidcSecurityContext.java",
"function": "refreshToken"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"125008442833727002379623478747112369239",
"299184076328181768744554623604843669343",
"216135535818902672349934006346396378115",
"221749546156026351050258680602151388045",
"13950669785657879263393750773479018779",
"166663415001538206332159963886919323128",
"302569749542369128360800178648803792074",
"145210086452524433972223390598726467920",
"92027722881380737348440881695496638873",
"236708234984658506455663974155462093080",
"218508925736165319197679220100028871098",
"96592705161647313291344805788522990045",
"75563467379407564223102097533128086638",
"298858802097525177948684422766181837616",
"334796031019879400086177985180663411790",
"314647266473361808597886471810160961315"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-b4b1cc5c",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RefreshableOidcSecurityContext.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"46990481080453138365621757031629699562",
"286184350822712901707583039119788485581",
"224744594413341555540436023851858342745",
"137591569954305884465048452355653911214",
"123651186828714963841256675713383531329",
"86961497869144296653708864698733575051",
"113134053992655220223207022517578277518",
"94674901133967888671352036810383189797",
"155514942044128316721102733540964583603",
"31951716560906498195833603266285873060",
"117895526609515411067551445619533532865",
"203039240783764646234371518220805647242",
"213540957615494008853195824535877028119",
"186411140742330568451866509069327926459",
"66628523529268530518893449720115775663",
"186298078445793815463913510601535216478",
"216503490224005441192014648426350577640",
"120146648624689815348143282117939611750",
"102715412356406950219770955940244365114"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-b8143936",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/Oidc.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "54506534644127993943083341072090942973",
"length": 1962.0
},
"id": "CVE-2024-12369-b8ff3dee",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "getRedirectUri"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "3362009863760572084949938072734397488",
"length": 1528.0
},
"id": "CVE-2024-12369-bba1c32b",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java",
"function": "performAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "200613114472647506350750706401870924104",
"length": 827.0
},
"id": "CVE-2024-12369-bc00e66f",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java",
"function": "parseAndVerifyToken"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "322029705933286246845261942820111060305",
"length": 1315.0
},
"id": "CVE-2024-12369-cd2b5ccf",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcRequestAuthenticator.java",
"function": "getRedirectUri"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "69366455371087857547955233082281720840",
"length": 730.0
},
"id": "CVE-2024-12369-cd32596a",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityNoMappings"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"function_hash": "153530352083947472613851388539780378038",
"length": 1877.0
},
"id": "CVE-2024-12369-d38dd11f",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RefreshableOidcSecurityContext.java",
"function": "refreshToken"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"69535654251659651304229970074869770264",
"330415010779261880060074713673144868820",
"231934704386096521685404426498805277983",
"12838395641802081472841848624853758681",
"228972590863593484394017598794083538948",
"299231361255463893595589929501632781946",
"136293259684653726774406408164966965772",
"117787060994717449515097398870926063816",
"105473403684763031702823406118933299679",
"298106822082933048566026611968676049735",
"32772810856388298742808571687167614843",
"35636787256114419460679390425175044537",
"134595272176466076809564892149149351974",
"328019677738185628286957526954908351173",
"34557996690281708148032043230632619501",
"41418218944833461528429928224063989846",
"320576539375532570698179270369203333423",
"190987017248493210915654235133748213740",
"297887601179594394072648771351336393187",
"51679924396262998350658719427184394657",
"237761678646148059991451579049689125275",
"79092230318129870133770517372493311014",
"325356757329577591005531083352526403887",
"174701391262952993749760744351569865280",
"216463615303007922735652515215008075471",
"53890570614411444433780746575633986099",
"9399355842281887173970809744297500906",
"263248168647711281707859876730808669632",
"207384201413573252731986415079332536992"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-deddcecf",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcBaseTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"124261373635945249815657033628583178975",
"153868625732542516046397602592634333838",
"66573515890899642789965487635281646995",
"321770011819927351431115320764654535596"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-e98027b9",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/AuthenticationError.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "156051885533212066543678093128560867215",
"length": 727.0
},
"id": "CVE-2024-12369-ed54e9c7",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java",
"function": "testGetRealmIdentityNoRoles"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"118261962183534149134275851759870612236",
"251788996634320137772049537062096932682",
"42541277339869166450009623798903341840",
"142852957888541249296083226539575413646",
"291338714051018904960738668644447461937",
"81933640762370707408773790308431588676",
"225268047124763416815565227364549306",
"301982488162273934438220001429110925491",
"203897584594973028030784640322284100346",
"247433914233179279971447364933335158126",
"248000679060004979339319231531163826671",
"50198239808222076376368149925866466972",
"334371846005196853196023878941920238360",
"132346037093071240621257613023063498091",
"34011796764937166576656673416769510552",
"196391672131923114221762268925362502139"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-eef15f56",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"125008442833727002379623478747112369239",
"299184076328181768744554623604843669343",
"216135535818902672349934006346396378115",
"221749546156026351050258680602151388045",
"13950669785657879263393750773479018779",
"166663415001538206332159963886919323128",
"302569749542369128360800178648803792074",
"145210086452524433972223390598726467920",
"92027722881380737348440881695496638873",
"236708234984658506455663974155462093080",
"218508925736165319197679220100028871098",
"96592705161647313291344805788522990045",
"75563467379407564223102097533128086638",
"298858802097525177948684422766181837616",
"334796031019879400086177985180663411790",
"314647266473361808597886471810160961315"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-f1f86927",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RefreshableOidcSecurityContext.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"105949293426056879137656839666477374063",
"232248752247330501131763892807131864884",
"143127061027920366386701536727267893960",
"254202665306173189082075769719462171234",
"164309314661800894405232194059683705795",
"33265527623806013003403807801743449542",
"66420200929214421020212358263933493139",
"71077174673116048927274323698140630858",
"164309314661800894405232194059683705795",
"33265527623806013003403807801743449542",
"66420200929214421020212358263933493139",
"72293609849605992514232623897143273839",
"38834897982410032815873222200443578555",
"311452983295801480480476964044127484846",
"230539607815197655308612846047388772561",
"72293609849605992514232623897143273839",
"38834897982410032815873222200443578555",
"311452983295801480480476964044127484846",
"230539607815197655308612846047388772561",
"72293609849605992514232623897143273839",
"7040118202646684626795253009323146002",
"63131815114665627064618291592664455739",
"101702460410764202628645328835161966631",
"71077174673116048927274323698140630858"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-f8de8100",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcSecurityRealmTest.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"124261373635945249815657033628583178975",
"153868625732542516046397602592634333838",
"66573515890899642789965487635281646995",
"321770011819927351431115320764654535596"
],
"threshold": 0.9
},
"id": "CVE-2024-12369-fa2dfd42",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/AuthenticationError.java"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "220613399839932382166913887484573394048",
"length": 424.0
},
"id": "CVE-2024-12369-fb754af2",
"signature_version": "v1",
"target": {
"file": "http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java",
"function": "completeAuthentication"
},
"source": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb",
"deprecated": false,
"signature_type": "Function"
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-12369.json"