keycloak-doc vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the keycloak-doc package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L Improper Input Validation	<26.3.0-r0
L CRLF Injection	<26.4.7-r1
L Improper Access Control	<26.5.1-r0
M Cross-site Scripting (XSS)	<26.4.7-r2
M Deserialization of Untrusted Data	<26.4.6-r0
M Binding to an Unrestricted IP Address	<26.4.5-r0
L Uncontrolled Search Path Element	<26.4.4-r0
M Session Fixation	<26.4.4-r0
H Files or Directories Accessible to External Parties	<26.4.7-r0
H Improper Input Validation	<26.4.0-r0
M Cross-site Scripting (XSS)	<26.4.7-r0
M Insufficient Session Expiration	<26.3.0-r0
M Insufficient Session Expiration	<26.4.1-r0
M Cross-site Scripting (XSS)	<26.3.4-r0
M Improper Authentication	<26.2.5-r1
H Origin Validation Error	<26.3.0-r0
L Uncontrolled Recursion	<26.3.5-r0
M Information Exposure Through Environmental Variables	<26.3.4-r0
H HTTP Request Smuggling	<26.3.3-r1
H Improper Handling of Highly Compressed Data (Data Amplification)	<26.3.3-r2
M Improper Privilege Management	<26.3.2-r0
H Allocation of Resources Without Limits or Throttling	<26.3.3-r0
L Exposure of Resource to Wrong Sphere	<26.3.2-r0
H Improper Neutralization	<26.3.3-r0
M CRLF Injection	<26.3.3-r0