Search for packages
Package details: pkg:maven/org.keycloak/keycloak-saml-core-public@18.0.0
purl pkg:maven/org.keycloak/keycloak-saml-core-public@18.0.0
Next non-vulnerable version 23.0.0
Latest non-vulnerable version 23.0.0
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-6gmx-q9wm-aaan
Aliases:
CVE-2022-2668
GHSA-q2gp-gph3-88x9
GHSA-wf7g-7h6h-678v
An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled
18.0.1
Affected by 2 other vulnerabilities.
VCID-7qnt-1wwt-aaap
Aliases:
CVE-2022-3916
GHSA-97g8-xfvw-q4hg
GMS-2022-8406
Keycloak vulnerable to session takeover with OIDC offline refreshtokens
20.0.2
Affected by 1 other vulnerability.
VCID-kfzc-yxas-aaad
Aliases:
CVE-2023-6291
GHSA-mpwq-j3xf-7m5w
The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted
23.0.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-17mu-ww7e-aaah Privilege escalation vulnerability on Token Exchange feature CVE-2022-1245
GHSA-75p6-52g3-rqc8
GMS-2022-1039

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:51:40.646052+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.3
2025-06-20T16:43:24.423826+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.1.3
2025-06-20T16:43:19.667361+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.3
2025-06-20T16:01:18.163217+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.1.3
2025-06-20T16:01:18.140031+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 36.1.3
2025-06-20T15:59:26.144515+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 36.1.3
2025-06-20T15:59:25.659519+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 36.1.3
2025-06-03T23:29:00.201648+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.0
2025-06-03T23:21:42.520012+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.1.0
2025-06-03T23:21:38.830598+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.0
2025-06-03T22:41:41.976045+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.1.0
2025-06-03T22:41:41.954222+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 36.1.0
2025-06-03T22:39:56.782211+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 36.1.0
2025-06-03T22:39:56.354107+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 36.1.0
2025-06-02T23:26:39.787164+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.2
2025-06-02T23:18:56.273684+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.1.2
2025-06-02T23:18:52.221723+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.2
2025-06-02T22:30:31.499472+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.1.2
2025-06-02T22:30:31.475907+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 36.1.2
2025-06-02T22:28:40.438882+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 36.1.2
2025-06-02T22:28:39.928725+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 36.1.2
2025-04-03T21:52:43.948256+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.0.0
2025-04-03T21:36:10.819016+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.0.0
2025-04-03T21:36:00.043899+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.0.0
2025-04-03T20:12:01.916820+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.0.0
2025-04-03T20:12:01.844942+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 36.0.0
2025-04-03T20:08:32.099522+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 36.0.0
2025-04-03T20:08:30.741912+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 36.0.0
2025-02-18T02:32:06.170292+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 35.1.0
2025-02-18T02:32:05.659244+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 35.1.0
2025-02-18T01:06:42.836124+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 35.1.0
2025-02-18T00:45:48.461271+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 35.1.0
2025-02-18T00:45:39.059231+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 35.1.0
2025-02-18T00:40:29.019784+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 35.1.0
2025-02-18T00:40:28.892759+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 35.1.0
2024-11-21T00:27:22.891220+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 35.0.0
2024-11-20T23:31:20.423091+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 35.0.0
2024-11-20T23:19:22.266759+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 35.0.0
2024-11-20T23:17:22.888476+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 35.0.0
2024-11-19T00:07:47.485547+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 34.3.2
2024-11-18T23:20:29.924998+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.3.2
2024-11-18T23:06:55.056087+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.3.2
2024-11-18T23:04:54.025934+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.3.2
2024-10-08T00:51:48.606831+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 34.0.2
2024-10-08T00:17:38.143040+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.2
2024-10-08T00:06:13.758039+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.2
2024-10-08T00:04:07.239393+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.2
2024-09-23T00:31:35.603552+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.1
2024-09-23T00:19:45.645872+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.1
2024-09-17T22:41:35.154714+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 34.0.1
2024-09-17T22:41:35.090257+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.1
2024-04-24T03:16:54.536897+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 34.0.0rc4
2024-04-24T03:16:54.020987+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 34.0.0rc4
2024-04-24T02:42:37.350274+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.0rc4
2024-04-24T02:32:09.207748+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc4
2024-04-24T02:32:02.528542+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 34.0.0rc4
2024-04-24T02:27:23.934390+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 34.0.0rc4
2024-04-24T02:27:23.831900+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.0rc4
2024-01-10T05:56:41.648593+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 34.0.0rc2
2024-01-10T05:56:41.128710+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 34.0.0rc2
2024-01-10T05:07:21.650716+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc2
2024-01-10T05:07:14.893414+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 34.0.0rc2
2024-01-10T05:02:34.910199+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 34.0.0rc2
2024-01-10T05:02:34.810365+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.0rc2
2024-01-03T22:44:35.792193+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah None 34.0.0rc1
2024-01-03T21:55:05.811805+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc1
2024-01-03T21:54:58.934351+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 34.0.0rc1
2024-01-03T21:50:19.028800+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan None 34.0.0rc1
2024-01-03T18:03:51.014653+00:00 GitLab Importer Fixing VCID-17mu-ww7e-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-1245.yml 34.0.0rc1
2024-01-03T18:03:50.965100+00:00 GitLab Importer Affected by VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.0rc1