org.keycloak:keycloak-model-storage-services@26.3.5 vulnerabilities
latest version
26.4.0
latest non vulnerable version
first published
1 years ago
latest version published
26 days ago
licenses detected
- [24.0.0,)
package registry
Direct Vulnerabilities
Known vulnerabilities in the org.keycloak:keycloak-model-storage-services package. This does not include vulnerabilities belonging to this package’s dependencies.
Fix vulnerabilities automatically
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Environmental Variables via the substitution process in imported realm documents. An attacker can access sensitive environment variables by injecting malicious content into realm documents during the import procedure. Note: This vulnerability was addressed by expanding the warnings/notes around placeholder usage. How to fix Exposure of Sensitive Information Through Environmental Variables? A fix was pushed into the | [26.0.0,) |