VulnerableCode Package Details - pkg:maven/org.keycloak/keycloak-common@3.4.2.Final

Search for packages

Package details: pkg:maven/org.keycloak/keycloak-common@3.4.2.Final

Essentials
History (1)

purl	pkg:maven/org.keycloak/keycloak-common@3.4.2.Final

Next non-vulnerable version	11.0.0
Latest non-vulnerable version	11.0.0
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-m7sr-ms58-4uhh Aliases: CVE-2020-1714 GHSA-m6mm-q862-j366	Improper Input Validation in Keycloak A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution.	11.0.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T09:32:14.064245+00:00	GitLab Importer	Affected by	VCID-m7sr-ms58-4uhh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-common/CVE-2020-1714.yml	37.0.0