org.keycloak:keycloak-services vulnerabilities

latest version

26.3.2

first published

11 years ago

latest version published

10 days ago

licenses detected

Apache-2.0
[1.0-alpha-1,)

package registry

View on Maven Central Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.keycloak:keycloak-services package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Exposure of Sensitive System Information to an Unauthorized Control Sphere	[0,)
L Improper Privilege Management	[0,)
M Origin Validation Error	[,26.3.0)
H Improper Validation of Certificate with Host Mismatch	[,26.2.2)
M Improper Authentication	[,26.2.2)
M Allocation of Resources Without Limits or Throttling	[23.0.0,26.0.11)[26.1.0,26.1.5)
M Incorrect User Management	[,26.1.3)
M Exposure of Sensitive Information Through Environmental Variables	[,26.0.8)
M Denial of Service (DoS)	[,26.0.8)
M External Control of File Name or Path	[,26.0.6)
H Regular Expression Denial of Service (ReDoS)	[,26.0.6)
M HTTP Request Smuggling	[,26.0.6)
M Open Redirect	[,22.0.13)[24.0.0,24.0.8)[25.0.0,25.0.6)
H URL Redirection to Untrusted Site ('Open Redirect')	[,22.0.13)[23.0.0,24.0.8)[25.0.0,25.0.6)
M Open Redirect	[,25.0.0)
M Improper Enforcement of a Single, Unique Action	[,24.0.3)
M Improper Authentication	[,22.0.10)[23.0.0,24.0.3)
M Missing Standardized Error Handling Mechanism	[,1.9.1.Final)
L Overly Restrictive Account Lockout Mechanism	[,24.0.0)
L Always-Incorrect Control Flow Implementation	[,24.0.0)
H Improper Privilege Management	[,24.0.5)
M Insecure Storage of Sensitive Information	[,24.0.5)
M Cleartext Storage of Sensitive Information in a Cookie	[7.0.0,24.0.5)
H Path Traversal	[21.1.0,24.0.3)
M Improper Input Validation	[,23.0.5)
H Origin Validation Error	[,24.0.3)
L Authentication Bypass	[,24.0.3)
H Open Redirect	[,24.0.3)
H Cross-site Scripting (XSS)	[,24.0.3)
M Authorization Bypass Through User-Controlled Key	[,24.0.3)
M Missing Critical Step in Authentication	[,22.0.10)[23.0.0,24.0.3)
L Information Exposure	[0,20.0.3)
M Improper Authorization	[,22.0.1)
M Open Redirect	[,23.0.4)
M Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)	[,22.0.7)
H Open Redirect	[21.1.2,23.0.0)
M LDAP Injection	[,23.0.1)
M Credential Exposure	[,22.0.3)
M Access Restriction Bypass	[3.4.3,4.4.0.Final)
M Cross-site Scripting (XSS)	[3.4.3.Final,4.6.0.Final)
H Improper Certificate Validation	[,21.1.2)
M Cross-site Scripting (XSS)	[,21.1.2)
L Authentication Bypass by Spoofing	[,21.1.2)
H Insufficient Verification of Data Authenticity	[,21.0.1)
M Cross-site Scripting (XSS)	[,21.0.0)
M Cross-site Scripting (XSS)	[,20.0.4)
M Cross-site Scripting (XSS)	[0,20.0.5)
C Directory Traversal	[0,20.0.2)
M Exposure of Data Element to Wrong Session	[0,20.0.2)
M Access Restriction Bypass	[,18.0.0)
M Information Exposure	[0,13.0.0)
H Improper Authentication	[,8.0.0)
M Incorrect Authorization	[12.0.0,15.1.1)
M Directory Traversal	[0,15.1.0)
M Improper Authentication	[,18.0.0)
H Improper Authentication	[0,15.1.0)
M Insecure Permissions	[,12.0.0)
M Insecure Temporary File	[,13.0.0)
M Improper Access Control	[,14.0.0)
M Information Exposure	[,13.0.0)
M User Impersonation	[,18.0.0)
M Improper Input Validation	[,9.0.0)
H Cross-site Scripting (XSS)	[0,12.0.0)
M Server-Side Request Forgery (SSRF)	[,12.0.2)
M Directory Traversal	[0,11.0.3)
M Improper Input Validation	[,9.0.2)
M Improper Certificate Validation	[,10.0.0)
M Information Disclosure	[,9.0.2)
M Code Injection	[,8.0.0)
M Information Exposure	[,9.0.2)
C Use of Hard-coded Constants	[,8.0.0)
L Information Exposure	[,6.0.1)
M Cross-site Request Forgery (CSRF)	[,7.0.0)
M Access Control Bypass	[,7.0.0)
M Man-in-the-Middle (MitM)	[,6.0.0)
M Replay attack	[,4.6.0.Final)
M Open Redirect	[,4.5.0.Final)
M Access Restriction Bypass	[,2.4.0.Final)
H Cross-site Request Forgery (CSRF)	[,1.0.3.Final)
H Cross-site Request Forgery (CSRF)	[,3.3.0.Final)
H Privilege Escalation	[,3.3.0.Final)
L Cross-site Request Forgery (CSRF)	[,1.0.2.Final)
M Open Redirect	[1.0.1.Final,1.0.3.Final)
M Cross-site Scripting (XSS)	[1.0.1.Final,1.0.3.Final)
H Denial of Service (DoS)	[,1.0.3.Final)

Package versions

1 - 100 of 205 Results

version	published	direct vulnerabilities
26.3.2	24 Jul, 2025	0 C 0 H 1 M 1 L
26.3.1	9 Jul, 2025	0 C 0 H 1 M 1 L
26.3.0	1 Jul, 2025	0 C 0 H 1 M 1 L
26.2.5	28 May, 2025	0 C 0 H 2 M 1 L
26.2.4	8 May, 2025	0 C 0 H 2 M 1 L
26.2.3	5 May, 2025	0 C 0 H 2 M 1 L
26.2.2	30 Apr, 2025	0 C 0 H 2 M 1 L
26.2.1	23 Apr, 2025	0 C 1 H 3 M 1 L
26.2.0	11 Apr, 2025	0 C 1 H 3 M 1 L
26.1.5	11 Apr, 2025	0 C 1 H 3 M 1 L
26.1.4	13 Mar, 2025	0 C 1 H 4 M 1 L
26.1.3	28 Feb, 2025	0 C 1 H 4 M 1 L
26.1.2	11 Feb, 2025	0 C 1 H 5 M 1 L
26.1.1	5 Feb, 2025	0 C 1 H 5 M 1 L
26.1.0	15 Jan, 2025	0 C 1 H 5 M 1 L
26.0.8	13 Jan, 2025	0 C 1 H 5 M 1 L
26.0.7	3 Dec, 2024	0 C 1 H 7 M 1 L
26.0.6	22 Nov, 2024	0 C 1 H 7 M 1 L
26.0.5	1 Nov, 2024	0 C 2 H 9 M 1 L
26.0.4	30 Oct, 2024	0 C 2 H 9 M 1 L
26.0.3	30 Oct, 2024	0 C 2 H 9 M 1 L
26.0.2	24 Oct, 2024	0 C 2 H 9 M 1 L
26.0.1	17 Oct, 2024	0 C 2 H 9 M 1 L
26.0.0	4 Oct, 2024	0 C 2 H 9 M 1 L
25.0.6	19 Sep, 2024	0 C 2 H 9 M 1 L
25.0.5	10 Sep, 2024	0 C 3 H 10 M 1 L
25.0.4	19 Aug, 2024	0 C 3 H 10 M 1 L
25.0.3	19 Aug, 2024	0 C 3 H 10 M 1 L
25.0.2	18 Jul, 2024	0 C 3 H 10 M 1 L
25.0.1	20 Jun, 2024	0 C 3 H 10 M 1 L
25.0.0	10 Jun, 2024	0 C 3 H 10 M 1 L
24.0.5	4 Jun, 2024	0 C 3 H 11 M 1 L
24.0.4	8 May, 2024	0 C 4 H 13 M 1 L
24.0.3	16 Apr, 2024	0 C 4 H 13 M 1 L
24.0.2	24 Mar, 2024	0 C 8 H 17 M 2 L
24.0.1	5 Mar, 2024	0 C 8 H 17 M 2 L
24.0.0	4 Mar, 2024	0 C 8 H 17 M 2 L
23.0.7	22 Feb, 2024	0 C 8 H 16 M 4 L
23.0.6	2 Feb, 2024	0 C 8 H 16 M 4 L
23.0.5	29 Jan, 2024	0 C 8 H 16 M 4 L
23.0.4	8 Jan, 2024	0 C 8 H 17 M 4 L
23.0.3	15 Dec, 2023	0 C 8 H 18 M 4 L
23.0.2	14 Dec, 2023	0 C 8 H 18 M 4 L
23.0.1	29 Nov, 2023	0 C 8 H 18 M 4 L
23.0.0	23 Nov, 2023	0 C 8 H 19 M 4 L
22.0.5	24 Oct, 2023	0 C 9 H 20 M 4 L
22.0.4	4 Oct, 2023	0 C 9 H 20 M 4 L
22.0.3	12 Sep, 2023	0 C 9 H 20 M 4 L
22.0.2	11 Sep, 2023	0 C 9 H 21 M 4 L
22.0.1	18 Jul, 2023	0 C 9 H 21 M 4 L
22.0.0	11 Jul, 2023	0 C 9 H 22 M 4 L
21.1.2	28 Jun, 2023	0 C 9 H 22 M 4 L
21.1.1	26 Apr, 2023	0 C 9 H 23 M 5 L
21.1.0	19 Apr, 2023	0 C 9 H 23 M 5 L
21.0.2	30 Mar, 2023	0 C 8 H 23 M 5 L
21.0.1	1 Mar, 2023	0 C 8 H 23 M 5 L
21.0.0	23 Feb, 2023	0 C 9 H 23 M 5 L
20.0.5	21 Feb, 2023	0 C 9 H 24 M 5 L
20.0.4	20 Feb, 2023	0 C 9 H 25 M 5 L
20.0.3	12 Jan, 2023	0 C 9 H 26 M 5 L
20.0.2	13 Dec, 2022	0 C 9 H 26 M 6 L
20.0.1	7 Nov, 2022	1 C 9 H 27 M 6 L
20.0.0	1 Nov, 2022	1 C 9 H 27 M 6 L
19.0.3	6 Oct, 2022	1 C 9 H 27 M 6 L
19.0.2	14 Sep, 2022	1 C 9 H 27 M 6 L
19.0.1	29 Jul, 2022	1 C 9 H 27 M 6 L
19.0.0	27 Jul, 2022	1 C 9 H 27 M 6 L
18.0.2	24 Jun, 2022	1 C 9 H 27 M 6 L
18.0.1	16 Jun, 2022	1 C 9 H 27 M 6 L
18.0.0	20 Apr, 2022	1 C 9 H 27 M 6 L
17.0.1	23 Mar, 2022	1 C 9 H 30 M 6 L
17.0.0	11 Feb, 2022	1 C 9 H 30 M 6 L
16.1.1	25 Jan, 2022	1 C 9 H 30 M 6 L
16.1.0	20 Dec, 2021	1 C 9 H 30 M 6 L
16.0.0	17 Dec, 2021	1 C 9 H 30 M 6 L
15.1.1	17 Dec, 2021	1 C 9 H 30 M 6 L
15.1.0	10 Dec, 2021	1 C 9 H 31 M 6 L
15.0.2	20 Aug, 2021	1 C 10 H 32 M 6 L
15.0.1	6 Aug, 2021	1 C 10 H 32 M 6 L
15.0.0	30 Jul, 2021	1 C 10 H 32 M 6 L
14.0.0	18 Jun, 2021	1 C 10 H 32 M 6 L
13.0.1	25 May, 2021	1 C 10 H 33 M 6 L
13.0.0	6 May, 2021	1 C 10 H 33 M 6 L
12.0.4	1 Mar, 2021	1 C 10 H 36 M 6 L
12.0.3	16 Feb, 2021	1 C 10 H 36 M 6 L
12.0.2	18 Jan, 2021	1 C 10 H 36 M 6 L
12.0.1	18 Dec, 2020	1 C 10 H 37 M 6 L
12.0.0	16 Dec, 2020	1 C 10 H 37 M 6 L
11.0.3	5 Nov, 2020	1 C 11 H 37 M 6 L
11.0.2	31 Aug, 2020	1 C 11 H 38 M 6 L
11.0.1	21 Aug, 2020	1 C 11 H 38 M 6 L
11.0.0	22 Jul, 2020	1 C 11 H 38 M 6 L
10.0.2	2 Jun, 2020	1 C 11 H 38 M 6 L
10.0.1	8 May, 2020	1 C 11 H 38 M 6 L
10.0.0	29 Apr, 2020	1 C 11 H 38 M 6 L
9.0.3	14 Apr, 2020	1 C 11 H 39 M 6 L
9.0.2	24 Mar, 2020	1 C 11 H 39 M 6 L
9.0.0	17 Feb, 2020	1 C 11 H 42 M 6 L
8.0.2	4 Feb, 2020	1 C 11 H 43 M 6 L
8.0.1	2 Dec, 2019	1 C 11 H 43 M 6 L

See all versions