Browse Security Advisories
Security Advisories for org.keycloak:keycloak-parent in maven Clear Filters
High
over 2 years ago
Keycloak Cross-site Scripting on OpenID connect login service
maven
org.keycloak:keycloak-parent
Critical
over 2 years ago
Keycloak vulnerable to path traversal via double URL encoding
maven
org.keycloak:keycloak-parent
Moderate
over 2 years ago
Keycloak vulnerable to session takeover with OIDC offline refreshtokens
maven
org.keycloak:keycloak-parent
Moderate
almost 3 years ago
Keycloak vulnerable to Stored Cross site Scripting (XSS) when loading default roles
maven
org.keycloak:keycloak-parent
High
almost 3 years ago
Keycloak SAML javascript protocol mapper: Uploading of scripts through admin console
maven
org.keycloak:keycloak-parent
High
almost 3 years ago
Incorrect implementation of lockout feature in Keycloak
maven
org.keycloak:keycloak-parent
Moderate
about 3 years ago
Keycloak vulnerable to cross-site scripting via the state parameter
maven
org.keycloak:keycloak-parent
Moderate
over 3 years ago
Reflected XSS on clients-registrations endpoint
maven
org.keycloak:keycloak-parent
Low
over 3 years ago
Generation of Error Message Containing Sensitive Information in Keycloak
maven
org.keycloak:keycloak-parent
Moderate
over 3 years ago
Incorrect Permission Assignment for Critical Resource and Permissive List of Allowed Inputs in Keycloak
maven
org.keycloak:keycloak-parent
High
over 3 years ago
Allocation of Resources Without Limits or Throttling in Keycloak
maven
org.keycloak:keycloak-parent
Moderate
over 3 years ago
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak
maven
org.keycloak:keycloak-parent
Filter by Severity
Filter by Ecosystem
maven
6,663
packagist
5,357
pypi
4,834
npm
4,194
go
2,803
nuget
1,702
cargo
1,067
rubygems
919
hex
37
swift
35
actions
32
pub
10
Filter by Package
org.jenkins-ci.main:jenkins-core
239
org.apache.tomcat:tomcat
138
com.liferay.portal:release.portal.bom
110
com.liferay.portal:release.dxp.bom
105
com.fasterxml.jackson.core:jackson-databind
69
org.apache.struts:struts2-core
57
org.keycloak:keycloak-core
50
org.apache.tomcat.embed:tomcat-embed-core
46
org.keycloak:keycloak-services
41
org.xwiki.platform:xwiki-platform-oldcore
41
org.elasticsearch:elasticsearch
41
com.thoughtworks.xstream:xstream
37
com.jfinal:jfinal
36
net.mingsoft:ms-mcms
36
io.undertow:undertow-core
34
org.jenkins-ci.plugins:script-security
34
org.apache.solr:solr-core
28
org.opencms:opencms-core
27
org.springframework.security:spring-security-core
26
org.eclipse.jetty:jetty-server
25
org.keycloak:keycloak-parent
24
org.apache.openmeetings:openmeetings-parent
22
org.bouncycastle:bcprov-jdk14
22
org.apache.nifi:nifi
21
org.apache.tomcat:tomcat-catalina
21
org.cloudfoundry.identity:cloudfoundry-identity-server
20
org.apache.tomcat:tomcat-coyote
19
org.xwiki.platform:xwiki-platform-web-templates
19
com.vaadin:vaadin-bom
18
org.apache.inlong:manager-pojo
17
org.apache.geode:geode-core
17
org.springframework:spring-core
17
org.bouncycastle:bcprov-jdk15
16
org.apache.dubbo:dubbo
16
org.apache.ranger:ranger
16
org.apache.activemq:activemq-client
16
org.apache.jspwiki:jspwiki-main
16
org.apache.struts.xwork:xwork-core
15
org.xwiki.platform:xwiki-platform-web
14
org.apache.cxf:cxf-core
13
org.apache.hadoop:hadoop-main
13
org.jenkins-ci.plugins.workflow:workflow-cps
13
org.jenkins-ci.plugins:git
12
org.apache.dolphinscheduler:dolphinscheduler
12
org.springframework:spring-web
12
org.apache.hadoop:hadoop-common
12
org.springframework:spring-webmvc
12
org.graylog2:graylog2-server
12
org.apache.cxf:cxf
12
com.vaadin:flow-server
12
org.jeecgframework.boot:jeecg-boot-parent
12
org.jenkins-ci.plugins:email-ext
11
ai.h2o:h2o-core
11
org.apache.archiva:archiva
11
org.mortbay.jetty:jetty
11
org.apache.commons:commons-compress
11
org.igniterealtime.openfire:parent
11
org.apache.camel:camel-core
11
com.xuxueli:xxl-job
11
org.apache.james:james-server
11
org.geoserver.web:gs-web-app
11
org.apache.jspwiki:jspwiki-war
11
org.xwiki.platform:xwiki-platform-administration-ui
11
org.apache.tika:tika-core
11
org.bouncycastle:bcprov-jdk15on
11
org.jboss.netty:netty
10
org.apache.inlong:manager-service
10
org.apache.kylin:kylin
10
org.craftercms:crafter-studio
10
org.apache.hive:hive-exec
10
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
10
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
10
h2o
10
io.netty:netty
10
bootstrap
9
org.apache.linkis:linkis
9
org.opencrx:opencrx-core-models
9
org.apache.xmlgraphics:batik
9
twbs/bootstrap
9
org.apache.shiro:shiro-core
9
pyspark
9
cn.hutool:hutool-core
9
mysql:mysql-connector-java
9
org.jenkins-ci.plugins:active-directory
9
org.jenkins-ci.plugins:config-file-provider
9
bootstrap
9
org.postgresql:postgresql
9
io.jenkins:configuration-as-code
9
bootstrap
9
org.bouncycastle:bcprov-jdk15to18
9
org.apache.hive:hive
9
org.opennms:opennms
9
org.apache.tapestry:tapestry-core
9
org.webjars:bootstrap
9
org.jenkins-ci.plugins:electricflow
9
org.apache.zeppelin:zeppelin
8
org.silverpeas.core:silverpeas-core-web
8
org.apache.hive:hive-service
8
org.jenkins-ci.plugins:ec2
8
io.jenkins.blueocean:blueocean
8
com.ruoyi:ruoyi
8
jquery
8
org.xwiki.platform:xwiki-platform-rest-server
8
org.opensearch.plugin:opensearch-security
8
org.apache.streampark:streampark
8
org.apache.ambari:ambari
8
org.jeecgframework.boot:jeecg-boot-common
8
org.apache.pdfbox:pdfbox
8
org.yaml:snakeyaml
8
org.jenkins-ci.plugins:subversion
8
jquery-rails
8
org.webjars.npm:jquery
8
org.apache.cassandra:cassandra-all
8
org.jenkins-ci.plugins:oic-auth
8
com.hazelcast:hazelcast
8
org.apache.santuario:xmlsec
8
org.apache.ozone:ozone-main
8
rubygems-update
7
org.jenkins-ci.plugins:mercurial
7
org.jenkins-ci.plugins:artifactory
7
org.webjars.npm:jquery-ui
7
org.owasp.esapi:esapi
7
io.netty:netty-handler
7
jquery-ui-rails
7
org.apache.spark:spark-core_2.11
7
org.apache.logging.log4j:log4j-core
7
org.jenkins-ci.plugins:rundeck
7
org.apache.wicket:wicket-core
7
org.apache.cxf:apache-cxf
7
jQuery.UI.Combined
7
net.opentsdb:opentsdb
7
org.apache.poi:poi
7
org.jruby:jruby-stdlib
7
org.apache.druid:druid
7
bootstrap-sass
7
io.jenkins.plugins:miniorange-saml-sp
7
org.jenkins-ci.plugins:jobConfigHistory
7
io.jenkins.plugins:warnings-ng
7
io.dataease:dataease-plugin-common
7
io.jenkins.plugins:cavisson-ns-nd-integration
7
org.apache.atlas:atlas-common
7
org.apache.inlong:manager-web
7
jquery-ui
7
org.apache.karaf:apache-karaf
7
org.owasp.antisamy:antisamy
7
commons-fileupload:commons-fileupload
7
bootstrap.sass
7
jQuery
7
org.opencastproject:opencast-kernel
7
org.jboss.resteasy:resteasy-client
7
org.apache.tika:tika
7
org.jenkins-ci.plugins:openshift-deployer
7
org.jeecgframework.boot:jeecg-boot-base
7
org.apache.activemq:activemq-parent
7
io.atomix:atomix
7
org.apache.derby:derby
7
org.wildfly:wildfly-parent
6
org.apache.kafka:kafka
6
org.apache.spark:spark-core_2.10
6
org.jenkins-ci.plugins:credentials-binding
6
apache-iotdb
6
org.apache.ignite:ignite-core
6
org.xwiki.commons:xwiki-commons-xml
6
org.apache.httpcomponents:httpclient
6
org.apache.zeppelin:zeppelin-server
6
io.netty:netty-codec-http
6
org.apache.syncope:syncope-core
6
org.jenkins-ci.plugins:repository-connector
6
tech.powerjob:powerjob
6
org.apache.struts:struts2-rest-plugin
6
com.xebialabs.deployit.ci:deployit-plugin
6
org.keycloak:keycloak-quarkus-server
6
hudson.plugins:project-inheritance
6
org.infinispan:infinispan-core
6
axis:axis
6
org.bouncycastle:bcprov-jdk18on
6
org.apache.mesos:mesos
6
org.jenkins-ci.plugins:htmlpublisher
6
de.tum.in.ase:artemis-java-test-sandbox
6
org.jenkins-ci.plugins:gitlab-oauth
6
ch.qos.logback:logback-core
6
org.csanchez.jenkins.plugins:kubernetes
6
org.apache.storm:storm-core
6
org.geoserver:gs-wms
6
org.jenkins-ci.plugins:fortify-on-demand-uploader
6
bootstrap-sass
6
org.apache.pulsar:pulsar-broker
6
org.apache.solr:solr-parent
6
org.jenkins-ci.plugins:ec2-deployment-dashboard
6
org.jenkins-ci.plugins:pipeline-maven
6
org.jenkins-ci.plugins:ghprb
6
com.google.protobuf:protobuf-java
6
com.liferay.portal:com.liferay.portal.impl
6
org.apache.axis:axis
6
com.xuxueli:xxl-job-core
6
com.nimbusds:nimbus-jose-jwt
6
com.jflyfox:jflyfox_jfinal
6
cn.hutool:hutool-json
6
org.apache.shenyu:shenyu-common
6
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
6