Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.keycloak/keycloak-parent@18.0.0
Typemaven
Namespaceorg.keycloak
Namekeycloak-parent
Version18.0.0
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.4.0
Latest_non_vulnerable_version23.0.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-zyzn-1wfp-y7bj
vulnerability_id VCID-zyzn-1wfp-y7bj
summary 
Reflected XSS on clients-registrations endpoint
A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. When a malicious request is sent to the client registration endpoint, the error message is not properly escaped, allowing an attacker to execute malicious scripts into the user's browser.
references
0
reference_url https://github.com/advisories/GHSA-m98g-63qj-fp8j
reference_id GHSA-m98g-63qj-fp8j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m98g-63qj-fp8j
1
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-m98g-63qj-fp8j
reference_id GHSA-m98g-63qj-fp8j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-m98g-63qj-fp8j
fixed_packages
0
url pkg:maven/org.keycloak/keycloak-parent@18.0.0
purl pkg:maven/org.keycloak/keycloak-parent@18.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@18.0.0
aliases GHSA-m98g-63qj-fp8j, GMS-2022-1097
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzn-1wfp-y7bj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@18.0.0