Package details: pkg:maven/org.keycloak/keycloak-saml-core-public@22.0.3
purl: pkg:maven/org.keycloak/keycloak-saml-core-public@22.0.3
Next non-vulnerable version: 23.0.0
Latest non-vulnerable version: 23.0.0
Risk: 4.0
Vulnerabilities affecting this package (1)

Vulnerability: VCID-ynan-6bh4-cfhq
Aliases: CVE-2023-6291, GHSA-mpwq-j3xf-7m5w
Summary: The redirect_uri validation logic allows bypassing explicitly allowed hosts that would otherwise be restricted. The problem lies in the verifyRedirectUri method, which attempts to enforce rules on user-controllable input but causes a desynchronization between how Keycloak and browsers interpret URLs. Keycloak, for example, receives "www%2ekeycloak%2eorg%2fapp%2f:y@example.com" and takes the authority to be keycloak.org, when it is actually example.com. This happens because the validation logic is performed on a URL-decoded version of the input, which no longer represents the original input.
Acknowledgements: Karel Knibbe
Fixed by: 23.0.0

Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)

Vulnerability: VCID-jmtd-5xd3-f3hb
Summary: Keycloak vulnerable to Plaintext Storage of User Password. A flaw was discovered in the Keycloak Core package. When a user registers through the registration flow, the "password" and "password-confirm" fields from the form are stored as regular attributes among the user's attributes. The password credential is also created as intended, but these attributes must not be present. As a result, any entity with the appropriate rights/roles (users and clients alike) is able to retrieve users' passwords in clear text.
Impact: Passwords for self-registered users are stored as cleartext attributes associated with the user.
Mitigation: Disable self-registration for users in all realms until patched.
Aliases: CVE-2023-4918, GHSA-5q66-v53q-pm35

History

Date: 2025-08-01T11:31:58.496803+00:00
Actor: GitLab Importer
Action: Affected by
Vulnerability: VCID-ynan-6bh4-cfhq
Source: https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml
VulnerableCode Version: 37.0.0

Date: 2025-07-31T09:29:57.551355+00:00
Actor: GitLab Importer
Action: Fixing
Vulnerability: VCID-jmtd-5xd3-f3hb
Source: https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-4918.yml
VulnerableCode Version: 37.0.0