Homepage

keycloak vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the keycloak package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
GHSA-wq8x-cg39-8mrr

<26.0.6-r0
  • M
Inefficient Regular Expression Complexity

<26.0.6-r0
  • L
GHSA-5545-r4hg-rj4m

<26.0.6-r0
  • L
GHSA-jgwc-jh89-rpgq

<26.0.6-r0
  • L
GHSA-93ww-43rr-79v3

<26.0.6-r0
  • L
GHSA-v7gv-xpgf-6395

<26.0.6-r0
  • L
GHSA-xq3w-v528-46rv

<26.0.5-r1
  • L
GHSA-w8gr-xwp4-r9f7

<25.0.6-r0
  • L
GHSA-xgfv-xpx8-qhcr

<25.0.6-r0
  • L
GHSA-vvf8-2h68-9475

<25.0.6-r0
  • L
GHSA-4xx7-2cx3-x473

<25.0.6-r0
  • M
Open Redirect

<25.0.6-r0
  • L
GHSA-c25h-c27q-5qpv

<25.0.1-r0
  • L
Incorrect Default Permissions

<25.0.0-r0
  • L
GHSA-gmrm-8fx4-66x7

<25.0.0-r0
  • L
GHSA-m44j-cfrm-g8qc

<25.0.0-r0
  • L
GHSA-v435-xc8x-wvr9

<25.0.0-r0
  • L
GHSA-4h8f-2wvx-gg5w

<25.0.0-r0
  • L
CVE-2024-29857

<25.0.0-r0
  • L
CVE-2024-30172

<25.0.0-r0
  • L
CVE-2024-34447

<25.0.0-r0
  • L
CVE-2024-30171

<25.0.0-r0
  • L
GHSA-8xfc-gm6g-vgpv

<25.0.0-r0
  • L
GHSA-25w4-hfqg-4r52

<24.0.3-r1
  • L
Improper Authorization

<24.0.3-r1
  • L
Information Exposure Through Environmental Variables

<24.0.3-r1
  • L
GHSA-f8h5-v2vg-46rr

<24.0.3-r1
  • L
Cross-site Scripting (XSS)

<24.0.3-r0
  • L
GHSA-46c8-635v-68r2

<24.0.3-r0
  • L
CVE-2024-1249

<24.0.3-r0
  • L
GHSA-m6q9-p373-g5q8

<24.0.3-r0
  • L
Open Redirect

<24.0.3-r0
  • L
Permissive Regular Expression

<24.0.3-r0
  • L
Directory Traversal

<24.0.3-r0
  • L
GHSA-8rmm-gm28-pj8q

<24.0.3-r0
  • L
Improper Check for Dropped Privileges

<24.0.3-r0
  • L
GHSA-mrv8-pqfj-7gp5

<24.0.3-r0
  • L
Improper Authentication

<24.0.3-r0
  • L
GHSA-4f53-xh3v-g8x4

<24.0.3-r0
  • L
GHSA-c9h6-v78w-52wj

<24.0.3-r0
  • L
Improper Authentication

<24.0.3-r0
  • L
GHSA-72vp-xfrc-42xm

<24.0.3-r0
  • L
GHSA-7fpj-9hr8-28vh

<24.0.3-r0
  • L
CVE-2024-29025

<24.0.2-r1
  • L
GHSA-5jpm-x58v-624v

<24.0.2-r1
  • L
Improper Input Validation

<24.0.0-r0
  • L
GHSA-jw7r-rxff-gv24

<24.0.0-r0
  • C
SQL Injection

<23.0.7-r0
  • L
GHSA-24rp-q3w6-vc56

<23.0.7-r0
  • L
GHSA-xfg6-62px-cxc2

<23.0.7-r0
  • L
GHSA-9vm7-v8wj-3fqw

<23.0.4-r0
  • L
GHSA-xfrj-6vvc-3xm2

<22.0.5-r1
  • M
Information Exposure Through Log Files

<22.0.5-r1