VulnerableCode Package Details - pkg:maven/org.keycloak/keycloak-saml-core-public@18.0.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-7qnt-1wwt-aaap Aliases: CVE-2022-3916 GHSA-97g8-xfvw-q4hg GMS-2022-8406	Keycloak vulnerable to session takeover with OIDC offline refreshtokens	20.0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-kfzc-yxas-aaad Aliases: CVE-2023-6291 GHSA-mpwq-j3xf-7m5w	The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted	23.0.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-7qnt-1wwt-aaap
Aliases:
CVE-2022-3916
GHSA-97g8-xfvw-q4hg
GMS-2022-8406

Keycloak vulnerable to session takeover with OIDC offline refreshtokens

20.0.2
Affected by 1 other vulnerability.

VCID-kfzc-yxas-aaad
Aliases:
CVE-2023-6291
GHSA-mpwq-j3xf-7m5w

The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted

23.0.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T16:51:40.649768+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	36.1.3
2025-06-20T16:43:24.428131+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	36.1.3
2025-06-20T16:43:19.671663+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	36.1.3
2025-06-03T23:29:00.205218+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	36.1.0
2025-06-03T23:21:42.523004+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	36.1.0
2025-06-03T23:21:38.833565+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	36.1.0
2025-06-02T23:26:39.790861+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	36.1.2
2025-06-02T23:18:56.277384+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	36.1.2
2025-06-02T23:18:52.225509+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	36.1.2
2025-04-03T21:52:43.958147+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	36.0.0
2025-04-03T21:36:10.828865+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	36.0.0
2025-04-03T21:36:00.053924+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	36.0.0
2025-02-18T01:06:42.845768+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	35.1.0
2025-02-18T00:45:48.470935+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	35.1.0
2025-02-18T00:45:39.068812+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	35.1.0
2024-11-20T23:31:20.432775+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	35.0.0
2024-11-20T23:19:22.276294+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	35.0.0
2024-11-18T23:20:29.935010+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	34.3.2
2024-11-18T23:06:55.065528+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	34.3.2
2024-10-08T00:17:38.152789+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	34.0.2
2024-10-08T00:06:13.767943+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	34.0.2
2024-09-23T00:31:35.613061+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	34.0.1
2024-09-23T00:19:45.655339+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	34.0.1
2024-04-24T02:42:37.363480+00:00	GitLab Importer	Affected by	VCID-kfzc-yxas-aaad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml	34.0.0rc4
2024-04-24T02:32:09.217704+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	34.0.0rc4
2024-04-24T02:32:02.538278+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	34.0.0rc4
2024-01-10T05:07:21.660002+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	34.0.0rc2
2024-01-10T05:07:14.902648+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	34.0.0rc2
2024-01-03T21:55:05.821086+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml	34.0.0rc1
2024-01-03T21:54:58.943659+00:00	GitLab Importer	Affected by	VCID-7qnt-1wwt-aaap	None	34.0.0rc1