Search for packages
Package details: pkg:maven/org.keycloak/keycloak-parent@23.0.4
purl pkg:maven/org.keycloak/keycloak-parent@23.0.4
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-1m3m-ay28-aaag
Aliases:
CVE-2019-14910
GHSA-jf86-9434-f8c2
Improper Authentication A vulnerability was found in keycloak, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. There are no reported fixed by versions.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-dgpm-z9v1-aaak A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134. CVE-2023-6927
GHSA-3p75-q5cc-qmj7

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:50:11.838865+00:00 GitLab Importer Fixing VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.1.3
2025-06-20T15:52:02.912249+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.1.3
2025-06-20T15:48:14.016244+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.1.3
2025-06-03T23:27:41.161332+00:00 GitLab Importer Fixing VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.1.0
2025-06-03T22:32:56.933529+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.1.0
2025-06-03T22:29:16.087989+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.1.0
2025-06-02T23:25:17.077968+00:00 GitLab Importer Fixing VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.1.2
2025-06-02T22:21:34.311871+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.1.2
2025-06-02T22:17:40.516457+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.1.2
2025-04-03T21:49:49.466874+00:00 GitLab Importer Fixing VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 36.0.0
2025-04-03T19:56:44.624749+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 36.0.0
2025-04-03T19:51:31.536379+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 36.0.0
2025-02-18T06:41:23.844556+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 35.1.0
2025-02-18T06:41:23.314626+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 35.1.0
2025-02-18T01:07:44.721747+00:00 GitLab Importer Fixing VCID-dgpm-z9v1-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/GHSA-3p75-q5cc-qmj7.yml 35.1.0
2024-11-21T02:37:25.701679+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 35.0.0
2024-11-19T02:27:33.585824+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.3.2
2024-10-08T03:02:25.748174+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.2
2024-10-07T21:53:13.622424+00:00 GHSA Importer Fixing VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.2
2024-09-23T02:52:17.222137+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.1
2024-09-22T22:22:28.847313+00:00 GHSA Importer Fixing VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.1
2024-05-17T21:08:30.659441+00:00 GHSA Importer Fixing VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.0rc4
2024-04-24T05:31:11.755335+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.0rc4
2024-04-24T05:31:11.318279+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc4
2024-04-23T19:34:52.536874+00:00 GHSA Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc4
2024-01-10T08:03:09.076529+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 34.0.0rc2
2024-01-10T08:03:08.708775+00:00 GitLab Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc2
2024-01-10T03:14:43.791106+00:00 GHSA Importer Fixing VCID-dgpm-z9v1-aaak https://github.com/advisories/GHSA-3p75-q5cc-qmj7 34.0.0rc2
2024-01-09T21:27:45.813286+00:00 GHSA Importer Affected by VCID-1m3m-ay28-aaag None 34.0.0rc2