Search for packages
| purl | pkg:maven/org.keycloak/keycloak-parent@7.0 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1m3m-ay28-aaag
Aliases: CVE-2019-14910 GHSA-jf86-9434-f8c2 |
Improper Authentication A vulnerability was found in keycloak, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. | There are no reported fixed by versions. |
|
VCID-jat1-5ptn-aaad
Aliases: CVE-2019-14909 GHSA-fv4q-wm8c-wjg4 |
Improper Authentication A vulnerability was found in Keycloak where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted. |
Affected by 22 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:41:35.410056+00:00 | GitLab Importer | Affected by | VCID-1m3m-ay28-aaag | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml | 34.0.1 |
| 2024-09-17T22:41:35.262728+00:00 | GitLab Importer | Affected by | VCID-jat1-5ptn-aaad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14909.yml | 34.0.1 |
| 2024-01-03T18:03:51.228161+00:00 | GitLab Importer | Affected by | VCID-1m3m-ay28-aaag | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml | 34.0.0rc1 |
| 2024-01-03T18:03:51.122015+00:00 | GitLab Importer | Affected by | VCID-jat1-5ptn-aaad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14909.yml | 34.0.0rc1 |