Search for packages
Package details: pkg:maven/org.keycloak/keycloak-saml-core-public@20.0.2
purl pkg:maven/org.keycloak/keycloak-saml-core-public@20.0.2
Next non-vulnerable version 23.0.0
Latest non-vulnerable version 23.0.0
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-kfzc-yxas-aaad
Aliases:
CVE-2023-6291
GHSA-mpwq-j3xf-7m5w
The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted
23.0.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-7qnt-1wwt-aaap Keycloak vulnerable to session takeover with OIDC offline refreshtokens CVE-2022-3916
GHSA-97g8-xfvw-q4hg
GMS-2022-8406

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:51:40.662574+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.3
2025-06-20T16:43:24.441031+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.1.3
2025-06-20T16:43:19.687311+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.3
2025-06-03T23:29:00.217696+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.0
2025-06-03T23:21:42.533394+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.1.0
2025-06-03T23:21:38.844103+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.0
2025-06-02T23:26:39.803627+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.1.2
2025-06-02T23:18:56.290199+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.1.2
2025-06-02T23:18:52.238839+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.1.2
2025-04-03T21:52:43.993627+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 36.0.0
2025-04-03T21:36:10.863563+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.0.0
2025-04-03T21:36:00.088867+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 36.0.0
2025-02-18T01:06:42.879376+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 35.1.0
2025-02-18T00:45:48.504618+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 35.1.0
2025-02-18T00:45:39.103520+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 35.1.0
2024-11-20T23:31:20.466916+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 35.0.0
2024-11-20T23:19:22.308975+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 35.0.0
2024-11-18T23:20:29.968752+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.3.2
2024-11-18T23:06:55.101968+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.3.2
2024-10-08T00:17:38.186673+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.2
2024-10-08T00:06:13.801527+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.2
2024-09-23T00:31:35.646272+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.1
2024-09-17T22:41:35.201539+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.1
2024-04-24T02:42:37.399845+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2023-6291.yml 34.0.0rc4
2024-04-24T02:32:09.252325+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc4
2024-04-24T02:32:02.572983+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 34.0.0rc4
2024-01-10T05:07:21.692600+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc2
2024-01-10T05:07:14.934952+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 34.0.0rc2
2024-01-03T21:54:58.976095+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 34.0.0rc1
2024-01-03T18:03:51.060869+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-saml-core-public/CVE-2022-3916.yml 34.0.0rc1