Security Advisories · keycloak/keycloak · GitHub

+

Security Advisories

View information about security vulnerabilities from this repository's maintainers.

Privilege escalation vulnerability on Token Exchange feature
GHSA-75p6-52g3-rqc8 published Apr 25, 2022 by abstractj

Moderate
Keycloak is vulnerable to IDN homograph attack
GHSA-mwm4-5qwr-g9pf published Apr 25, 2022 by abstractj

Low
ECP SAML binding bypasses authentication flows
GHSA-4pc7-vqv5-5r3v published Apr 25, 2022 by abstractj

Moderate
Stored XSS in groups dropdown
GHSA-755v-r4x4-qf7m published Nov 24, 2022 by abstractj

Moderate
Incorrect authorization allows unpriviledged users to create other users
GHSA-83x4-9cwr-5487 published Dec 20, 2021 by stianst

High
OIDC Logout redirects can happen even if no id_token_hint is provided
GHSA-rvjg-gxwx-j5gf published Apr 25, 2022 by abstractj

Low
Reflected XSS on clients-registrations endpoint
GHSA-m98g-63qj-fp8j published Apr 25, 2022 by abstractj

Moderate

点击这是indexloc提供的php浏览器服务，不要输入任何密码和下载