VulnerableCode Package Details - pkg:maven/org.keycloak/keycloak-ldap-federation@22.0.11

Search for packages

Package details: pkg:maven/org.keycloak/keycloak-ldap-federation@22.0.11

purl	pkg:maven/org.keycloak/keycloak-ldap-federation@22.0.11
Tags	Ghost

Next non-vulnerable version	26.1.1
Latest non-vulnerable version	26.1.3
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-qc8g-byp9-aaaf Aliases: CVE-2024-5967 GHSA-c25h-c27q-5qpv GHSA-gmrm-8fx4-66x7	keycloak: Leak of configured LDAP bind credentials through the Keycloak admin console	22.0.12 Affected by 0 other vulnerabilities. 24.0.6 Affected by 0 other vulnerabilities. 25.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-qc8g-byp9-aaaf
Aliases:
CVE-2024-5967
GHSA-c25h-c27q-5qpv
GHSA-gmrm-8fx4-66x7

keycloak: Leak of configured LDAP bind credentials through the Keycloak admin console

22.0.12
Affected by 0 other vulnerabilities.

24.0.6
Affected by 0 other vulnerabilities.

25.0.1
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-09-17T21:59:56.433828+00:00	GHSA Importer	Affected by	VCID-qc8g-byp9-aaaf	https://github.com/advisories/GHSA-c25h-c27q-5qpv	34.0.1
2024-06-21T16:59:20.027689+00:00	GHSA Importer	Affected by	VCID-qc8g-byp9-aaaf	https://github.com/advisories/GHSA-c25h-c27q-5qpv	34.0.0rc4