VulnerableCode Package Details - pkg:alpm/archlinux/keycloak@15.0.2-1

Search for packages

Package details: pkg:alpm/archlinux/keycloak@15.0.2-1

Essentials
History (27)

purl	pkg:alpm/archlinux/keycloak@15.0.2-1

Next non-vulnerable version	16.0.0-1
Latest non-vulnerable version	16.0.0-1
Risk	4.5

Vulnerabilities affecting this package (9)

Vulnerability	Summary	Fixed by
VCID-6ga3-jpyg-aaak Aliases: CVE-2021-3424 GHSA-pf38-cw3p-22q9	Keycloak is vulnerable to IDN homograph attack	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-7sy1-rxem-aaas Aliases: CVE-2020-10734 GHSA-rvjg-gxwx-j5gf	OIDC Logout redirect in keycloak	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-b76u-hkzd-aaap Aliases: CVE-2021-3827 GHSA-4pc7-vqv5-5r3v GMS-2022-1098	ECP SAML binding bypasses authentication flows	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-cvan-qun2-aaac Aliases: CVE-2020-1717 GHSA-rvfc-g8j5-9ccf	Generation of Error Message Containing Sensitive Information in keybloack	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-fk8g-8kjz-aaah Aliases: CVE-2020-1725 GHSA-p225-pc2x-4jpm	Incorrect Authorization in keycloak	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-j9x9-5u7p-aaaj Aliases: CVE-2021-20262 GHSA-xf46-8vvp-4hxx	Missing authentication for critical function	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-k1kw-pbtk-aaaf Aliases: CVE-2020-1723	The logout endpoint /oauth/logout?redirect=url can be abused to redirect logged in users to arbitrary web pages. This vulnerability could be used in phishing attacks. Versions shipped with Red Hat Mobile Aplication Platform 4 are believed to be vulnerable.	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-khbc-26kj-aaad Aliases: CVE-2021-3632 GHSA-qpq9-jpv4-6gwr	CVE-2021-3632 keycloak: Anyone can register a new device when there is no device registered for passwordless login	16.0.0-1 Affected by 0 other vulnerabilities.
VCID-sr91-xpzg-aaad Aliases: CVE-2020-14359 GHSA-jh6m-3pqw-242h	Authentication Bypass by Primary Weakness in keycloak	16.0.0-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:45:17.129937+00:00	Arch Linux Importer	Affected by	VCID-7sy1-rxem-aaas	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:17.100327+00:00	Arch Linux Importer	Affected by	VCID-sr91-xpzg-aaad	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:17.073041+00:00	Arch Linux Importer	Affected by	VCID-cvan-qun2-aaac	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:17.044607+00:00	Arch Linux Importer	Affected by	VCID-k1kw-pbtk-aaaf	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:17.017269+00:00	Arch Linux Importer	Affected by	VCID-fk8g-8kjz-aaah	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:16.989140+00:00	Arch Linux Importer	Affected by	VCID-j9x9-5u7p-aaaj	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:16.962912+00:00	Arch Linux Importer	Affected by	VCID-6ga3-jpyg-aaak	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:16.944075+00:00	Arch Linux Importer	Affected by	VCID-khbc-26kj-aaad	https://security.archlinux.org/AVG-1332	36.0.0
2025-03-28T07:45:16.925281+00:00	Arch Linux Importer	Affected by	VCID-b76u-hkzd-aaap	https://security.archlinux.org/AVG-1332	36.0.0
2024-09-18T02:00:13.068876+00:00	Arch Linux Importer	Affected by	VCID-7sy1-rxem-aaas	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:13.046939+00:00	Arch Linux Importer	Affected by	VCID-sr91-xpzg-aaad	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:13.026286+00:00	Arch Linux Importer	Affected by	VCID-cvan-qun2-aaac	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:13.003357+00:00	Arch Linux Importer	Affected by	VCID-k1kw-pbtk-aaaf	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:12.978560+00:00	Arch Linux Importer	Affected by	VCID-fk8g-8kjz-aaah	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:12.955028+00:00	Arch Linux Importer	Affected by	VCID-j9x9-5u7p-aaaj	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:12.928720+00:00	Arch Linux Importer	Affected by	VCID-6ga3-jpyg-aaak	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:12.906234+00:00	Arch Linux Importer	Affected by	VCID-khbc-26kj-aaad	https://security.archlinux.org/AVG-1332	34.0.1
2024-09-18T02:00:12.881112+00:00	Arch Linux Importer	Affected by	VCID-b76u-hkzd-aaap	https://security.archlinux.org/AVG-1332	34.0.1
2024-01-03T22:26:27.400789+00:00	Arch Linux Importer	Affected by	VCID-7sy1-rxem-aaas	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.378754+00:00	Arch Linux Importer	Affected by	VCID-sr91-xpzg-aaad	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.356895+00:00	Arch Linux Importer	Affected by	VCID-cvan-qun2-aaac	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.333442+00:00	Arch Linux Importer	Affected by	VCID-k1kw-pbtk-aaaf	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.311892+00:00	Arch Linux Importer	Affected by	VCID-fk8g-8kjz-aaah	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.290199+00:00	Arch Linux Importer	Affected by	VCID-j9x9-5u7p-aaaj	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.268721+00:00	Arch Linux Importer	Affected by	VCID-6ga3-jpyg-aaak	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.246903+00:00	Arch Linux Importer	Affected by	VCID-khbc-26kj-aaad	https://security.archlinux.org/AVG-1332	34.0.0rc1
2024-01-03T22:26:27.224648+00:00	Arch Linux Importer	Affected by	VCID-b76u-hkzd-aaap	https://security.archlinux.org/AVG-1332	34.0.0rc1