Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven

org.keycloak:keycloak-core

maven

Keycloak Core

View on github.com · View on repo1.maven.org

Security Advisories for org.keycloak:keycloak-core in maven

Low
10 months ago

Keycloak allows cross-site scripting (XSS) GSA_kwCzR0hTQS1xNHhxLTQ0NWctZzZjaM4ABEl0

maven org.keycloak:keycloak-core
High
about 1 year ago

Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination GSA_kwCzR0hTQS05M3d3LTQzcnItNzl2M84ABBvf

maven org.keycloak:keycloak-core
Moderate
about 1 year ago

Keycloaks's One Time Passcode (OTP) is valid longer than expiration timeSeverity GSA_kwCzR0hTQS14bW1tLWp3NzYtcTd2Z84ABAQU

maven org.keycloak:keycloak-core
High
about 1 year ago

Keycloak Denial of Service vulnerability GSA_kwCzR0hTQS13OTdmLXczaHEtMzZnMs4AA_b2

maven org.keycloak:keycloak-core
Moderate
about 1 year ago

Keycloak Open Redirect vulnerability GSA_kwCzR0hTQS1nNGdjLXJoMjYtbTNwNc4AA_Yi

maven org.keycloak:keycloak-core
Moderate
almost 2 years ago

keycloak-core: open redirect via "form_post.jwt" JARM response mode GSA_kwCzR0hTQS05dm03LXY4d2otM2Zxd84AA4oS

maven org.keycloak:keycloak-core
High
about 2 years ago

Keycloak vulnerable to Plaintext Storage of User Password GSA_kwCzR0hTQS01cTY2LXY1M3EtcG0zNc4AA11p

maven org.keycloak:keycloak-core
Moderate
over 2 years ago

Keycloak: Impersonation and lockout possible through incorrect handling of email trust GSA_kwCzR0hTQS1jN3h3LXA1OHctaDZmas4AA0xs

maven org.keycloak:keycloak-core
Moderate
over 2 years ago

Keycloak Untrusted Certificate Validation vulnerability GSA_kwCzR0hTQS01Y2M4LXBncDUtN21wbc4AA0KG

maven org.keycloak:keycloak-core
Moderate
almost 3 years ago

Keycloak has lack of validation of access token on client registrations endpoint GSA_kwCzR0hTQS12NDM2LXEzNjgtaHZnZ84AAw8k

maven org.keycloak:keycloak-core
Moderate
about 3 years ago

Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown GSA_kwCzR0hTQS03NTV2LXI0eDQtcWY3bc4AAwFM

maven org.keycloak:keycloak-core
High
over 3 years ago

Keycloak allows anyone to register new security device or key for any user by using WebAuthn password-less login flow GSA_kwCzR0hTQS1xcHE5LWpwdjQtNmd3cs4AAuf1

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak has Files or Directories Accessible to External Parties GSA_kwCzR0hTQS0zdzR2LXJ2YzQtMnhwd84AAuf6

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak XSS via use of malicious payload as group name when creating new group from admin console GSA_kwCzR0hTQS1mcWM3LTV4eGMtcGg3cs4AAufm

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak vulnerable to Improper Certificate Validation GSA_kwCzR0hTQS1ycGoyLXc2ZnItNzloY84AAuZ2

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak discloses information without authentication GSA_kwCzR0hTQS1wY3Y1LW0yd2gtNjZqM84AAnvw

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak vulnerable to Server-Side Request Forgery GSA_kwCzR0hTQS1qaDdxLTVtd2YtcXZod84AAm5Y

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak Insufficient Session Expiry GSA_kwCzR0hTQS04eGoyLTQ3eHctcTc4Y84AAkqh

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak leaks sensitive information in logged exceptions GSA_kwCzR0hTQS1xZ21tLWYycXctcjk1Zs4AAkqZ

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak users may be able to remove MFA from other users' devices GSA_kwCzR0hTQS05Njk1LXc2aDItanB2Oc4AAkmX

maven org.keycloak:keycloak-core
Critical
over 3 years ago

keycloak vulnerable to unauthorized login via mail server setup GSA_kwCzR0hTQS1jZjhmLXcyYzUtcDVqcs4AAjM6

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

JBoss KeyCloak Cross-site Scripting Vulnerability GSA_kwCzR0hTQS1weDQyLW1yOG0tY3BnaM4AAgTj

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Keycloak Open Redirect GSA_kwCzR0hTQS0zcWgyLW1jY2MtcTVtNs4AARNF

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Improper authorization in Keycloak GSA_kwCzR0hTQS1mMzJ2LXZmNzktcDI5cc1BRQ

maven org.keycloak:keycloak-core
Moderate
over 3 years ago

Cross-site Scripting in Keycloak GSA_kwCzR0hTQS14cGdjLWo0OGotand2Oc01-Q

maven org.keycloak:keycloak-core
High
over 3 years ago

Authentication Bypass in keycloak GSA_kwCzR0hTQS1tOWNqLXY1NWYtOHgyNs00HA

maven org.keycloak:keycloak-core
High
over 3 years ago

Temporary Directory Hijacking Vulnerability in Keycloak GSA_kwCzR0hTQS02eHA2LWZtYzgtcG1tcs00FA

maven org.keycloak:keycloak-core
High
almost 4 years ago

Improper Input Validation in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02bW0tcTg2Mi1qMzY2

maven org.keycloak:keycloak-core
High
about 4 years ago

Improper privilege management in Keycloak GSA_kwCzR0hTQS1jOXg5LXh2NjYteHAzds0W7Q

maven org.keycloak:keycloak-core
High
about 4 years ago

Privilege Defined With Unsafe Actions in Keycloak GSA_kwCzR0hTQS03bTI3LTM1ODctODN4Zs0Wng

maven org.keycloak:keycloak-core
Moderate
about 4 years ago

Exposure of Sensitive Information in keycloak GSA_kwCzR0hTQS00Z2YyLXh2OTctNjNtMs0VzQ

maven org.keycloak:keycloak-core
Critical
over 4 years ago

keycloak Self Stored Cross-site Scripting vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE2dzItODlocS1ocTI3

maven org.keycloak:keycloak-core
Moderate
over 4 years ago

Keycloak Missing authentication for critical function MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmNDYtOHZ2cC00aHh4

maven org.keycloak:keycloak-core
Moderate
over 5 years ago

Improper Restriction of Rendered UI Layers or Frames in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNnZzctOXEyeC03OWZj

maven org.keycloak:keycloak-core
Critical
over 5 years ago

Predictable password in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZwbXYtN3ByOS1jZ3Jq

maven org.keycloak:keycloak-core
Moderate
over 5 years ago

XSS in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2ZjMtNHc2Mi1tM3Bx

maven org.keycloak:keycloak-core
Moderate
over 5 years ago

Exposure of Sensitive Information to an Unauthorized Actor in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmcWgtNzM1Ni12cWpq

maven org.keycloak:keycloak-core
High
about 6 years ago

Improper Input Validation and Cross-Site Request Forgery in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1eHAtNnZwZi1qd3Zo

maven org.keycloak:keycloak-core
Moderate
about 6 years ago

Improper Verification of Cryptographic Signature in keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmZ3EtZ3E5Zy0zcnc3

maven org.keycloak:keycloak-core
Moderate
over 6 years ago

Improper Certificate Validation and Insufficient Verification of Data Authenticity in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4Y2ctZ2c5ai1xOWo5

maven org.keycloak:keycloak-core
Moderate
over 6 years ago

Exposure of Sensitive Information to an Unauthorized Actor in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjNTIteGo2cC05cHhw

maven org.keycloak:keycloak-core
High
almost 7 years ago

Improper Authentication in Keycloak MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmMmotN3F3Zy00ZjV4

maven org.keycloak:keycloak-core
High
about 7 years ago

Keycloak vulnerable to uncontrolled resource consumption MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzMnItMzk3Ny1jZ2Mz

maven org.keycloak:keycloak-core
Moderate
about 7 years ago

Moderate severity vulnerability that affects org.keycloak:keycloak-core MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1OXEtMzJnOC12dnA3

maven org.keycloak:keycloak-core
Moderate
about 7 years ago

Moderate severity vulnerability that affects org.keycloak:keycloak-core MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3ajctcHczdi0zdjN4

maven org.keycloak:keycloak-core
Moderate
about 7 years ago

keycloak-core discloses system properties MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3N3ItNmY2NC00Nzhx

maven org.keycloak:keycloak-core
High
about 7 years ago

Keycloak vulnerable to infinite loop based Denial of Service MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjNnEtMjdtdy1wNTV3

maven org.keycloak:keycloak-core
High
about 7 years ago

Improper Authentication in org.keycloak:keycloak-core MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1bTYtbWpoMy01OGdt

maven org.keycloak:keycloak-core
Moderate
about 7 years ago

Moderate severity vulnerability that affects org.keycloak:keycloak-core MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3OHgtMm1xdi13Nnh3

maven org.keycloak:keycloak-core
Moderate
about 7 years ago

keycloak-core vulnerable to timing attacks against JWS token verification MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2Z3YtM3Izdi1nd2dq

maven org.keycloak:keycloak-core

Filter by Severity

Moderate 32 High 14 Critical 3 Low 1