Search for packages
Package details: pkg:maven/org.keycloak/keycloak-server-spi-private@20.0.2
purl pkg:maven/org.keycloak/keycloak-server-spi-private@20.0.2
Next non-vulnerable version 23.0.0
Latest non-vulnerable version 23.0.0
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-caef-7bbm-aaaa
Aliases:
CVE-2023-2585
GHSA-f5h4-wmp5-xhg6
Client Spoofing within the Keycloak Device Authorisation Grant
21.1.2
Affected by 1 other vulnerability.
VCID-kfzc-yxas-aaad
Aliases:
CVE-2023-6291
GHSA-mpwq-j3xf-7m5w
The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted
23.0.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-7qnt-1wwt-aaap Keycloak vulnerable to session takeover with OIDC offline refreshtokens CVE-2022-3916
GHSA-97g8-xfvw-q4hg
GMS-2022-8406

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:51:41.043863+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 36.1.3
2025-06-20T16:43:12.914050+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 36.1.3
2025-06-20T16:43:12.184164+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.1.3
2025-06-20T16:36:05.942075+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 36.1.3
2025-06-20T16:36:03.994463+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 36.1.3
2025-06-03T23:29:00.578917+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 36.1.0
2025-06-03T23:21:33.349825+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 36.1.0
2025-06-03T23:21:32.709138+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.1.0
2025-06-03T23:14:50.858205+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 36.1.0
2025-06-03T23:14:48.951660+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 36.1.0
2025-06-02T23:26:40.196436+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 36.1.2
2025-06-02T23:18:46.202187+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 36.1.2
2025-06-02T23:18:45.547490+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.1.2
2025-06-02T23:11:52.558726+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 36.1.2
2025-06-02T23:11:51.270193+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 36.1.2
2025-04-03T21:52:44.852570+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 36.0.0
2025-04-03T21:35:45.411691+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 36.0.0
2025-04-03T21:35:43.808716+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 36.0.0
2025-04-03T21:21:29.195489+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 36.0.0
2025-04-03T21:21:25.346380+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 36.0.0
2025-02-18T06:05:42.151365+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 35.1.0
2025-02-18T06:05:39.947600+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 35.1.0
2025-02-18T01:06:40.695557+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 35.1.0
2025-02-18T00:45:45.928556+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 35.1.0
2025-02-18T00:45:39.604070+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 35.1.0
2024-11-21T02:18:23.025913+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 35.0.0
2024-11-20T23:31:22.029939+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 35.0.0
2024-11-20T23:19:21.073174+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 35.0.0
2024-11-19T02:08:39.509764+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 34.3.2
2024-11-18T23:20:31.528873+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 34.3.2
2024-11-18T23:06:53.902443+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 34.3.2
2024-10-08T02:42:39.771215+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 34.0.2
2024-10-08T00:17:39.727085+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 34.0.2
2024-10-08T00:06:12.587199+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 34.0.2
2024-10-07T21:11:37.390802+00:00 GHSA Importer Affected by VCID-caef-7bbm-aaaa https://github.com/advisories/GHSA-f5h4-wmp5-xhg6 34.0.2
2024-09-23T02:34:06.524813+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 34.0.1
2024-09-23T00:31:37.133239+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 34.0.1
2024-09-22T21:46:48.936826+00:00 GHSA Importer Affected by VCID-caef-7bbm-aaaa https://github.com/advisories/GHSA-f5h4-wmp5-xhg6 34.0.1
2024-09-17T22:41:33.204554+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 34.0.1
2024-04-24T05:08:58.375974+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 34.0.0rc4
2024-04-24T05:08:56.062245+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 34.0.0rc4
2024-04-24T02:42:35.967887+00:00 GitLab Importer Affected by VCID-kfzc-yxas-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-6291.yml 34.0.0rc4
2024-04-24T02:32:06.886919+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 34.0.0rc4
2024-04-24T02:32:03.117468+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 34.0.0rc4
2024-04-24T00:08:31.156324+00:00 GHSA Importer Affected by VCID-caef-7bbm-aaaa None 34.0.0rc4
2024-04-24T00:08:30.583311+00:00 GHSA Importer Affected by VCID-caef-7bbm-aaaa https://github.com/advisories/GHSA-f5h4-wmp5-xhg6 34.0.0rc4
2024-01-10T07:42:15.622212+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 34.0.0rc2
2024-01-10T07:42:13.377953+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 34.0.0rc2
2024-01-10T05:07:19.474667+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 34.0.0rc2
2024-01-10T05:07:15.461725+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 34.0.0rc2
2024-01-10T02:09:29.031680+00:00 GHSA Importer Affected by VCID-caef-7bbm-aaaa None 34.0.0rc2
2024-01-10T02:09:28.491835+00:00 GHSA Importer Affected by VCID-caef-7bbm-aaaa https://github.com/advisories/GHSA-f5h4-wmp5-xhg6 34.0.0rc2
2024-01-04T00:27:31.197774+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2023-2585.yml 34.0.0rc1
2024-01-04T00:27:29.010201+00:00 GitLab Importer Affected by VCID-caef-7bbm-aaaa None 34.0.0rc1
2024-01-03T21:54:59.494400+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap None 34.0.0rc1
2024-01-03T18:03:50.002404+00:00 GitLab Importer Fixing VCID-7qnt-1wwt-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-server-spi-private/CVE-2022-3916.yml 34.0.0rc1