Search for packages
| purl | pkg:alpm/archlinux/keycloak@13.0.0-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6q92-s7v5-aaab
Aliases: CVE-2021-3461 GHSA-cm29-6wx7-p874 |
Insufficient Session Expiration A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name]. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5yyq-kxcg-aaas | Improper Authentication A flaw was found in keycloak The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this vulnerability is to data confidentiality. |
CVE-2020-27838
GHSA-pcv5-m2wh-66j3 |
| VCID-fccp-mqrj-aaaj | Authentication Bypass by Capture-replay A flaw was found in Keycloak where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same `state` parameter. This flaw allows a malicious user to perform replay attacks. |
CVE-2020-14302
|
| VCID-q8mt-excf-aaaa | CVE-2021-3513 keycloak: Brute force attack is possible even after the account lockout |
CVE-2021-3513
GHSA-xv7h-95r7-595j |
| VCID-rfye-2s3j-aaaf | Code injection in keycloak |
CVE-2021-20222
GHSA-2mq8-99q7-55wx |
| VCID-ydp2-dstr-aaas | Temporary Directory Hijacking Vulnerability in Keycloak |
CVE-2021-20202
GHSA-6xp6-fmc8-pmmr |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:47:04.068831+00:00 | Arch Linux Importer | Affected by | VCID-6q92-s7v5-aaab | https://security.archlinux.org/AVG-1994 | 36.0.0 |
| 2025-03-28T07:45:38.466970+00:00 | Arch Linux Importer | Fixing | VCID-fccp-mqrj-aaaj | https://security.archlinux.org/AVG-1926 | 36.0.0 |
| 2025-03-28T07:45:38.446610+00:00 | Arch Linux Importer | Fixing | VCID-5yyq-kxcg-aaas | https://security.archlinux.org/AVG-1926 | 36.0.0 |
| 2025-03-28T07:45:38.425815+00:00 | Arch Linux Importer | Fixing | VCID-ydp2-dstr-aaas | https://security.archlinux.org/AVG-1926 | 36.0.0 |
| 2025-03-28T07:45:38.405416+00:00 | Arch Linux Importer | Fixing | VCID-rfye-2s3j-aaaf | https://security.archlinux.org/AVG-1926 | 36.0.0 |
| 2025-03-28T07:45:38.384565+00:00 | Arch Linux Importer | Fixing | VCID-q8mt-excf-aaaa | https://security.archlinux.org/AVG-1926 | 36.0.0 |
| 2024-10-07T16:08:20.122374+00:00 | Arch Linux Importer | Affected by | VCID-6q92-s7v5-aaab | https://security.archlinux.org/AVG-1994 | 34.0.2 |
| 2024-10-07T16:08:19.971179+00:00 | Arch Linux Importer | Fixing | VCID-fccp-mqrj-aaaj | https://security.archlinux.org/AVG-1926 | 34.0.2 |
| 2024-10-07T16:08:19.946088+00:00 | Arch Linux Importer | Fixing | VCID-5yyq-kxcg-aaas | https://security.archlinux.org/AVG-1926 | 34.0.2 |
| 2024-10-07T16:08:19.910185+00:00 | Arch Linux Importer | Fixing | VCID-ydp2-dstr-aaas | https://security.archlinux.org/AVG-1926 | 34.0.2 |
| 2024-10-07T16:08:19.880149+00:00 | Arch Linux Importer | Fixing | VCID-rfye-2s3j-aaaf | https://security.archlinux.org/AVG-1926 | 34.0.2 |
| 2024-10-07T16:08:19.841930+00:00 | Arch Linux Importer | Fixing | VCID-q8mt-excf-aaaa | https://security.archlinux.org/AVG-1926 | 34.0.2 |
| 2024-09-18T02:02:27.226066+00:00 | Arch Linux Importer | Affected by | VCID-6q92-s7v5-aaab | https://security.archlinux.org/AVG-1994 | 34.0.1 |
| 2024-09-18T02:00:37.122879+00:00 | Arch Linux Importer | Fixing | VCID-fccp-mqrj-aaaj | https://security.archlinux.org/AVG-1926 | 34.0.1 |
| 2024-09-18T02:00:37.100225+00:00 | Arch Linux Importer | Fixing | VCID-5yyq-kxcg-aaas | https://security.archlinux.org/AVG-1926 | 34.0.1 |
| 2024-09-18T02:00:37.077406+00:00 | Arch Linux Importer | Fixing | VCID-ydp2-dstr-aaas | https://security.archlinux.org/AVG-1926 | 34.0.1 |
| 2024-09-18T02:00:37.055202+00:00 | Arch Linux Importer | Fixing | VCID-rfye-2s3j-aaaf | https://security.archlinux.org/AVG-1926 | 34.0.1 |
| 2024-09-18T02:00:37.030866+00:00 | Arch Linux Importer | Fixing | VCID-q8mt-excf-aaaa | https://security.archlinux.org/AVG-1926 | 34.0.1 |
| 2024-06-10T13:08:00.335478+00:00 | Arch Linux Importer | Affected by | VCID-6q92-s7v5-aaab | https://security.archlinux.org/AVG-1994 | 34.0.0rc4 |
| 2024-06-10T13:08:00.250311+00:00 | Arch Linux Importer | Fixing | VCID-fccp-mqrj-aaaj | https://security.archlinux.org/AVG-1926 | 34.0.0rc4 |
| 2024-06-10T13:08:00.228514+00:00 | Arch Linux Importer | Fixing | VCID-5yyq-kxcg-aaas | https://security.archlinux.org/AVG-1926 | 34.0.0rc4 |
| 2024-06-10T13:08:00.206401+00:00 | Arch Linux Importer | Fixing | VCID-ydp2-dstr-aaas | https://security.archlinux.org/AVG-1926 | 34.0.0rc4 |
| 2024-06-10T13:08:00.184546+00:00 | Arch Linux Importer | Fixing | VCID-rfye-2s3j-aaaf | https://security.archlinux.org/AVG-1926 | 34.0.0rc4 |
| 2024-06-10T13:08:00.160200+00:00 | Arch Linux Importer | Fixing | VCID-q8mt-excf-aaaa | https://security.archlinux.org/AVG-1926 | 34.0.0rc4 |
| 2024-01-03T22:28:28.225259+00:00 | Arch Linux Importer | Affected by | VCID-6q92-s7v5-aaab | https://security.archlinux.org/AVG-1994 | 34.0.0rc1 |
| 2024-01-03T22:26:54.203035+00:00 | Arch Linux Importer | Fixing | VCID-fccp-mqrj-aaaj | https://security.archlinux.org/AVG-1926 | 34.0.0rc1 |
| 2024-01-03T22:26:54.176733+00:00 | Arch Linux Importer | Fixing | VCID-5yyq-kxcg-aaas | https://security.archlinux.org/AVG-1926 | 34.0.0rc1 |
| 2024-01-03T22:26:54.153020+00:00 | Arch Linux Importer | Fixing | VCID-ydp2-dstr-aaas | https://security.archlinux.org/AVG-1926 | 34.0.0rc1 |
| 2024-01-03T22:26:54.129333+00:00 | Arch Linux Importer | Fixing | VCID-rfye-2s3j-aaaf | https://security.archlinux.org/AVG-1926 | 34.0.0rc1 |
| 2024-01-03T22:26:54.105420+00:00 | Arch Linux Importer | Fixing | VCID-q8mt-excf-aaaa | https://security.archlinux.org/AVG-1926 | 34.0.0rc1 |