Search for packages
Package details: pkg:maven/org.keycloak/keycloak-saml-core-public@18.0.1
purl pkg:maven/org.keycloak/keycloak-saml-core-public@18.0.1
Next non-vulnerable version 23.0.0
Latest non-vulnerable version 23.0.0
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-7qnt-1wwt-aaap
Aliases:
CVE-2022-3916
GHSA-97g8-xfvw-q4hg
GMS-2022-8406
Keycloak vulnerable to session takeover with OIDC offline refreshtokens
20.0.2
Affected by 1 other vulnerability.
VCID-kfzc-yxas-aaad
Aliases:
CVE-2023-6291
GHSA-mpwq-j3xf-7m5w
The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted
23.0.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-6gmx-q9wm-aaan An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled CVE-2022-2668
GHSA-q2gp-gph3-88x9
GHSA-wf7g-7h6h-678v

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:51:40.647905+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.3
2025-06-20T16:43:24.426030+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.1.3
2025-06-20T16:43:19.669397+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.3
2025-06-20T16:01:18.164839+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.1.3
2025-06-20T16:01:18.141776+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 36.1.3
2025-06-03T23:29:00.203425+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.0
2025-06-03T23:21:42.521511+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.1.0
2025-06-03T23:21:38.832089+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.0
2025-06-03T22:41:41.977626+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.1.0
2025-06-03T22:41:41.955897+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 36.1.0
2025-06-02T23:26:39.789032+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.2
2025-06-02T23:18:56.275549+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.1.2
2025-06-02T23:18:52.223609+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.2
2025-06-02T22:30:31.501328+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.1.2
2025-06-02T22:30:31.478530+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 36.1.2
2025-04-03T21:52:43.953171+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.0.0
2025-04-03T21:36:10.823928+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 36.0.0
2025-04-03T21:36:00.048894+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.0.0
2025-04-03T20:12:01.921843+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 36.0.0
2025-04-03T20:12:01.849419+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 36.0.0
2025-02-18T01:06:42.840915+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 35.1.0
2025-02-18T00:45:48.466097+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 35.1.0
2025-02-18T00:45:39.064082+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 35.1.0
2025-02-18T00:40:29.024461+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 35.1.0
2025-02-18T00:40:28.898677+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 35.1.0
2024-11-20T23:31:20.427994+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 35.0.0
2024-11-20T23:19:22.271498+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 35.0.0
2024-11-20T23:17:22.894259+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 35.0.0
2024-11-18T23:20:29.930041+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.3.2
2024-11-18T23:06:55.060795+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.3.2
2024-11-18T23:04:54.030973+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.3.2
2024-10-08T00:17:38.148000+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.2
2024-10-08T00:06:13.762968+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.2
2024-10-08T00:04:07.244716+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.2
2024-09-23T00:31:35.608374+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.1
2024-09-23T00:19:45.650573+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.1
2024-09-17T22:41:35.095475+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.1
2024-04-24T02:42:37.358251+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.0rc4
2024-04-24T02:32:09.212733+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc4
2024-04-24T02:32:02.533460+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 34.0.0rc4
2024-04-24T02:27:23.939167+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 34.0.0rc4
2024-04-24T02:27:23.836879+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.0rc4
2024-01-10T05:07:21.655315+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc2
2024-01-10T05:07:14.898000+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 34.0.0rc2
2024-01-10T05:02:34.914486+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 34.0.0rc2
2024-01-10T05:02:34.814990+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.0rc2
2024-01-03T21:55:05.816499+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc1
2024-01-03T21:54:58.939026+00:00 GitLab Importer Affected by VCID-7qnt-1wwt-aaap None 34.0.0rc1
2024-01-03T21:50:19.033617+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan None 34.0.0rc1
2024-01-03T18:03:50.970090+00:00 GitLab Importer Fixing VCID-6gmx-q9wm-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-2668.yml 34.0.0rc1