org.keycloak:keycloak-saml-wildfly-elytron-adapter@25.0.3 vulnerabilities
-
latest version
26.0.5
-
first published
8 years ago
-
latest version published
25 days ago
-
licenses detected
- [3.1.0.CR1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.keycloak:keycloak-saml-wildfly-elytron-adapter package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Session Fixation due to the improper handling of session IDs and JSESSIONID cookies during the login process. An attacker can hijack the current session before authentication to trigger session fixation. How to fix Session Fixation? Upgrade |
[,22.0.12)
[24.0.0,24.0.7)
[25.0.0,25.0.5)
|
Affected versions of this package are vulnerable to Session Fixation via the How to fix Session Fixation? A fix was pushed into the |
[0,)
|