Search for packages
| purl | pkg:alpm/archlinux/keycloak@12.0.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-q9y4-889z-aaaa
Aliases: CVE-2020-10770 GHSA-jh7q-5mwf-qvhw |
Server-Side Request Forgery (SSRF) A flaw was found in Keycloak, where it is possible to force the server to call out an unverified URL using the `OIDC` parameter `request_uri`. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:46:44.369851+00:00 | Arch Linux Importer | Affected by | VCID-q9y4-889z-aaaa | https://security.archlinux.org/AVG-1577 | 36.0.0 |
| 2024-09-18T02:02:05.222326+00:00 | Arch Linux Importer | Affected by | VCID-q9y4-889z-aaaa | https://security.archlinux.org/AVG-1577 | 34.0.1 |
| 2024-01-03T22:28:07.734747+00:00 | Arch Linux Importer | Affected by | VCID-q9y4-889z-aaaa | https://security.archlinux.org/AVG-1577 | 34.0.0rc1 |