26.0.7
8 years ago
13 days ago
Known vulnerabilities in the org.keycloak:keycloak-model-infinispan package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
org.keycloak:keycloak-model-infinispan is a part of the Affected versions of this package are vulnerable to Access Restriction Bypass in the authorization behavior of How to fix Access Restriction Bypass? Upgrade | [,7.0.1) |
org.keycloak:keycloak-model-infinispan is a part of the Affected versions of this package are vulnerable to Denial of Service (DoS). A flaw was found in keycloak-model-infinispan where How to fix Denial of Service (DoS)? Upgrade | [,14.0.0) |
org.keycloak:keycloak-model-infinispan is a part of the Affected versions of this package are vulnerable to Denial of Service (DoS). A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite loop. A malicious authenticated user could use this flaw to achieve Denial of Service on the server. How to fix Denial of Service (DoS)? Upgrade | [,4.0.0.Final) |