VulnerableCode Package Details - pkg:maven/org.keycloak/keycloak-authz-client@8.0.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-s6f1-tnbu-jfaq Aliases: CVE-2020-1698 GHSA-qgmm-f2qw-r95f	Keycloak leaks sensitive information in logged exceptions A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.	9.0.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-s6f1-tnbu-jfaq
Aliases:
CVE-2020-1698
GHSA-qgmm-f2qw-r95f

Keycloak leaks sensitive information in logged exceptions A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.

9.0.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-m1cv-61u2-y3ck	Keycloak code execution via UMA policy abuse A flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be set in the UMA policy. This flaw allows an authenticated attacker with UMA permissions to configure a malicious script to trigger and execute arbitrary code with the permissions of the user running application.	CVE-2019-10169 GHSA-9c24-43p5-fv82

Vulnerability

Summary

Aliases

VCID-m1cv-61u2-y3ck

Keycloak code execution via UMA policy abuse A flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be set in the UMA policy. This flaw allows an authenticated attacker with UMA permissions to configure a malicious script to trigger and execute arbitrary code with the permissions of the user running application.

CVE-2019-10169
GHSA-9c24-43p5-fv82

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:59:49.811688+00:00	GitLab Importer	Fixing	VCID-m1cv-61u2-y3ck	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2019-10169.yml	38.4.0
2026-04-16T21:03:15.110295+00:00	GitLab Importer	Affected by	VCID-s6f1-tnbu-jfaq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2020-1698.yml	38.4.0
2026-04-11T23:15:24.937852+00:00	GitLab Importer	Fixing	VCID-m1cv-61u2-y3ck	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2019-10169.yml	38.3.0
2026-04-11T22:14:38.274706+00:00	GitLab Importer	Affected by	VCID-s6f1-tnbu-jfaq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2020-1698.yml	38.3.0
2026-04-02T23:23:18.346037+00:00	GitLab Importer	Fixing	VCID-m1cv-61u2-y3ck	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2019-10169.yml	38.1.0
2026-04-02T22:26:56.744184+00:00	GitLab Importer	Affected by	VCID-s6f1-tnbu-jfaq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2020-1698.yml	38.1.0
2026-04-01T17:44:21.420475+00:00	GitLab Importer	Fixing	VCID-m1cv-61u2-y3ck	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2019-10169.yml	38.0.0
2026-04-01T16:44:54.351495+00:00	GitLab Importer	Affected by	VCID-s6f1-tnbu-jfaq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-authz-client/CVE-2020-1698.yml	38.0.0
2026-04-01T16:02:29.619772+00:00	GHSA Importer	Fixing	VCID-m1cv-61u2-y3ck	https://github.com/advisories/GHSA-9c24-43p5-fv82	38.0.0
2026-04-01T13:11:22.434565+00:00	GithubOSV Importer	Fixing	VCID-m1cv-61u2-y3ck	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9c24-43p5-fv82/GHSA-9c24-43p5-fv82.json	38.0.0