Search for packages
Package details: pkg:maven/org.keycloak/keycloak-parent@22.0.2
purl pkg:maven/org.keycloak/keycloak-parent@22.0.2
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-1m3m-ay28-aaag
Aliases:
CVE-2019-14910
GHSA-jf86-9434-f8c2
Improper Authentication A vulnerability was found in keycloak, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. There are no reported fixed by versions.
VCID-a3d5-nsyp-aaaf
Aliases:
CVE-2023-4918
GHSA-5q66-v53q-pm35
A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. When a user registers itself through registration flow, the "password" and "password-confirm" field from the form will occur as regular user attributes. All users and clients with proper rights and roles are able to read users attributes, allowing a malicious user with minimal access to retrieve the users passwords in clear text, jeopardizing their environment.
22.0.3
Affected by 3 other vulnerabilities.
VCID-dgpm-z9v1-aaak
Aliases:
CVE-2023-6927
GHSA-3p75-q5cc-qmj7
A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134.
23.0.4
Affected by 1 other vulnerability.
VCID-kfzc-yxas-aaad
Aliases:
CVE-2023-6291
GHSA-mpwq-j3xf-7m5w
The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted
23.0.0
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:51:38.406515+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 36.1.3
2025-06-20T16:50:11.823322+00:00 GitLab Importer Affected by VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.1.3
2025-06-20T16:42:19.800400+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 36.1.3
2025-06-20T16:42:01.998657+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 36.1.3
2025-06-20T15:52:02.898081+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.1.3
2025-06-20T15:48:14.001439+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.1.3
2025-06-03T23:28:58.071444+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 36.1.0
2025-06-03T23:27:41.146909+00:00 GitLab Importer Affected by VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.1.0
2025-06-03T23:20:45.957868+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 36.1.0
2025-06-03T23:20:29.779105+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 36.1.0
2025-06-03T22:32:56.921467+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.1.0
2025-06-03T22:29:16.075752+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.1.0
2025-06-02T23:26:37.529044+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 36.1.2
2025-06-02T23:25:17.062923+00:00 GitLab Importer Affected by VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.1.2
2025-06-02T23:17:56.883817+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 36.1.2
2025-06-02T23:17:39.357417+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 36.1.2
2025-06-02T22:21:34.296429+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.1.2
2025-06-02T22:17:40.500850+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.1.2
2025-04-03T21:52:38.204590+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 36.0.0
2025-04-03T21:49:49.426980+00:00 GitLab Importer Affected by VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.0.0
2025-04-03T21:33:54.077028+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 36.0.0
2025-04-03T21:33:27.464774+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 36.0.0
2025-04-03T19:56:44.585563+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.0.0
2025-04-03T19:51:31.497548+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.0.0
2025-02-18T06:41:23.805923+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 35.1.0
2025-02-18T06:41:23.275104+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 35.1.0
2025-02-18T03:41:24.578864+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 35.1.0
2025-02-18T03:41:23.908964+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 35.1.0
2025-02-18T01:07:44.682898+00:00 GitLab Importer Affected by VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 35.1.0
2025-02-18T01:06:42.286273+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 35.1.0
2024-11-21T02:37:25.661705+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 35.0.0
2024-11-21T00:59:38.201373+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 35.0.0
2024-11-20T23:31:19.862635+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 35.0.0
2024-11-19T02:27:33.545502+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.3.2
2024-11-19T00:48:15.250988+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 34.3.2
2024-11-18T23:20:29.368596+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 34.3.2
2024-10-08T03:02:25.702793+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.2
2024-10-08T01:20:10.895163+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 34.0.2
2024-10-08T00:17:37.571620+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 34.0.2
2024-10-07T21:53:13.580569+00:00 GHSA Importer Affected by VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.2
2024-09-23T02:52:17.183341+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.1
2024-09-23T00:31:35.063913+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 34.0.1
2024-09-22T22:22:28.807032+00:00 GHSA Importer Affected by VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.1
2024-09-17T22:41:35.831741+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 34.0.1
2024-05-17T21:08:30.619522+00:00 GHSA Importer Affected by VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.0rc4
2024-04-24T05:31:11.718035+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.0rc4
2024-04-24T05:31:11.280834+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc4
2024-04-24T03:56:04.908583+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 34.0.0rc4
2024-04-24T03:56:04.381997+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 34.0.0rc4
2024-04-24T02:42:39.401348+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-6291.yml 34.0.0rc4
2024-04-23T19:34:52.499529+00:00 GHSA Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc4
2024-01-10T08:03:09.042641+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.0rc2
2024-01-10T08:03:08.671745+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc2
2024-01-10T06:36:34.961776+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 34.0.0rc2
2024-01-10T06:36:34.443467+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 34.0.0rc2
2024-01-10T03:14:43.750075+00:00 GHSA Importer Affected by VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.0rc2
2024-01-09T21:27:45.769742+00:00 GHSA Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc2
2024-01-04T00:48:18.107253+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.0rc1
2024-01-04T00:48:17.714354+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc1
2024-01-03T23:23:05.280454+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf None 34.0.0rc1
2024-01-03T18:03:51.422479+00:00 GitLab Importer Affected by VCID-a3d5-nsyp-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2023-4918.yml 34.0.0rc1
2024-01-03T16:23:17.844931+00:00 GHSA Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc1