org.keycloak:keycloak-services vulnerabilities

  • latest version

    26.3.2

  • first published

    11 years ago

  • latest version published

    1 months ago

  • licenses detected

  • package registry

  • Direct Vulnerabilities

    Known vulnerabilities in the org.keycloak:keycloak-services package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Exposure of Sensitive System Information to an Unauthorized Control Sphere

    [0,)
    • L
    Improper Privilege Management

    [0,)
    • M
    Origin Validation Error

    [,26.3.0)
    • H
    Improper Validation of Certificate with Host Mismatch

    [,26.2.2)
    • M
    Improper Authentication

    [,26.2.2)
    • M
    Allocation of Resources Without Limits or Throttling

    [23.0.0,26.0.11)[26.1.0,26.1.5)
    • M
    Incorrect User Management

    [,26.1.3)
    • M
    Exposure of Sensitive Information Through Environmental Variables

    [,26.0.8)
    • M
    Denial of Service (DoS)

    [,26.0.8)
    • M
    External Control of File Name or Path

    [,26.0.6)
    • H
    Regular Expression Denial of Service (ReDoS)

    [,26.0.6)
    • M
    HTTP Request Smuggling

    [,26.0.6)
    • M
    Open Redirect

    [,22.0.13)[24.0.0,24.0.8)[25.0.0,25.0.6)
    • H
    URL Redirection to Untrusted Site ('Open Redirect')

    [,22.0.13)[23.0.0,24.0.8)[25.0.0,25.0.6)
    • M
    Open Redirect

    [,25.0.0)
    • M
    Improper Enforcement of a Single, Unique Action

    [,24.0.3)
    • M
    Improper Authentication

    [,22.0.10)[23.0.0,24.0.3)
    • M
    Missing Standardized Error Handling Mechanism

    [,1.9.1.Final)
    • L
    Overly Restrictive Account Lockout Mechanism

    [,24.0.0)
    • L
    Always-Incorrect Control Flow Implementation

    [,24.0.0)
    • H
    Improper Privilege Management

    [,24.0.5)
    • M
    Insecure Storage of Sensitive Information

    [,24.0.5)
    • M
    Cleartext Storage of Sensitive Information in a Cookie

    [7.0.0,24.0.5)
    • H
    Path Traversal

    [21.1.0,24.0.3)
    • M
    Improper Input Validation

    [,23.0.5)
    • H
    Origin Validation Error

    [,24.0.3)
    • L
    Authentication Bypass

    [,24.0.3)
    • H
    Open Redirect

    [,24.0.3)
    • H
    Cross-site Scripting (XSS)

    [,24.0.3)
    • M
    Authorization Bypass Through User-Controlled Key

    [,24.0.3)
    • M
    Missing Critical Step in Authentication

    [,22.0.10)[23.0.0,24.0.3)
    • L
    Information Exposure

    [0,20.0.3)
    • M
    Improper Authorization

    [,22.0.1)
    • M
    Open Redirect

    [,23.0.4)
    • M
    Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

    [,22.0.7)
    • H
    Open Redirect

    [21.1.2,23.0.0)
    • M
    LDAP Injection

    [,23.0.1)
    • M
    Credential Exposure

    [,22.0.3)
    • M
    Access Restriction Bypass

    [3.4.3,4.4.0.Final)
    • M
    Cross-site Scripting (XSS)

    [3.4.3.Final,4.6.0.Final)
    • H
    Improper Certificate Validation

    [,21.1.2)
    • M
    Cross-site Scripting (XSS)

    [,21.1.2)
    • L
    Authentication Bypass by Spoofing

    [,21.1.2)
    • H
    Insufficient Verification of Data Authenticity

    [,21.0.1)
    • M
    Cross-site Scripting (XSS)

    [,21.0.0)
    • M
    Cross-site Scripting (XSS)

    [,20.0.4)
    • M
    Cross-site Scripting (XSS)

    [0,20.0.5)
    • C
    Directory Traversal

    [0,20.0.2)
    • M
    Exposure of Data Element to Wrong Session

    [0,20.0.2)
    • M
    Access Restriction Bypass

    [,18.0.0)
    • M
    Information Exposure

    [0,13.0.0)
    • H
    Improper Authentication

    [,8.0.0)
    • M
    Incorrect Authorization

    [12.0.0,15.1.1)
    • M
    Directory Traversal

    [0,15.1.0)
    • M
    Improper Authentication

    [,18.0.0)
    • H
    Improper Authentication

    [0,15.1.0)
    • M
    Insecure Permissions

    [,12.0.0)
    • M
    Insecure Temporary File

    [,13.0.0)
    • M
    Improper Access Control

    [,14.0.0)
    • M
    Information Exposure

    [,13.0.0)
    • M
    User Impersonation

    [,18.0.0)
    • M
    Improper Input Validation

    [,9.0.0)
    • H
    Cross-site Scripting (XSS)

    [0,12.0.0)
    • M
    Server-Side Request Forgery (SSRF)

    [,12.0.2)
    • M
    Directory Traversal

    [0,11.0.3)
    • M
    Improper Input Validation

    [,9.0.2)
    • M
    Improper Certificate Validation

    [,10.0.0)
    • M
    Information Disclosure

    [,9.0.2)
    • M
    Code Injection

    [,8.0.0)
    • M
    Information Exposure

    [,9.0.2)
    • C
    Use of Hard-coded Constants

    [,8.0.0)
    • L
    Information Exposure

    [,6.0.1)
    • M
    Cross-site Request Forgery (CSRF)

    [,7.0.0)
    • M
    Access Control Bypass

    [,7.0.0)
    • M
    Man-in-the-Middle (MitM)

    [,6.0.0)
    • M
    Replay attack

    [,4.6.0.Final)
    • M
    Open Redirect

    [,4.5.0.Final)
    • M
    Access Restriction Bypass

    [,2.4.0.Final)
    • H
    Cross-site Request Forgery (CSRF)

    [,1.0.3.Final)
    • H
    Cross-site Request Forgery (CSRF)

    [,3.3.0.Final)
    • H
    Privilege Escalation

    [,3.3.0.Final)
    • L
    Cross-site Request Forgery (CSRF)

    [,1.0.2.Final)
    • M
    Open Redirect

    [1.0.1.Final,1.0.3.Final)
    • M
    Cross-site Scripting (XSS)

    [1.0.1.Final,1.0.3.Final)
    • H
    Denial of Service (DoS)

    [,1.0.3.Final)

    Package versions

    100 VERSIONS IN TOTAL See all versions
    versionpublisheddirect vulnerabilities
    26.3.224 Jul, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 1
      L
    26.3.19 Jul, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 1
      L
    26.3.01 Jul, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 1
      L
    26.2.528 May, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 1
      L
    26.2.48 May, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 1
      L
    26.2.35 May, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 1
      L
    26.2.230 Apr, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 1
      L
    26.2.123 Apr, 2025
    • 0
      C
    • 1
      H
    • 3
      M
    • 1
      L
    26.2.011 Apr, 2025
    • 0
      C
    • 1
      H
    • 3
      M
    • 1
      L
    26.1.511 Apr, 2025
    • 0
      C
    • 1
      H
    • 3
      M
    • 1
      L