@keycloakify/keycloak-admin-ui@260200.1.0

Direct Vulnerabilities

Known vulnerabilities in the @keycloakify/keycloak-admin-ui package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Authorization Bypass Through User-Controlled Key

@keycloakify/keycloak-admin-ui is a

Repackaged Keycloak Admin UI

<a href="https://github.com/keycloakify/keycloak-adm

Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the BruteForceUsersResource process. An attacker can access sensitive user data by leveraging administrative privileges (query-users role) and knowledge of the target user's ID to bypass fine-grained authorization controls.

How to fix Authorization Bypass Through User-Controlled Key?

There is no fixed version for @keycloakify/keycloak-admin-ui.

*