VulnerableCode Package Details - pkg:maven/org.keycloak/keycloak-services@26.2.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-1azf-tnm3-pyh3 Aliases: GHSA-fx44-2wx5-5fvp	Duplicate Advisory: Keycloak vulnerable to two factor authentication bypass	26.2.2 Affected by 0 other vulnerabilities.
VCID-5hrf-cqc3-b7am Aliases: GHSA-r934-w73g-v4p8	Duplicate Advisory: Keycloak hostname verification	26.2.2 Affected by 0 other vulnerabilities.
VCID-w71m-tyt8-dqby Aliases: CVE-2025-3501 GHSA-hw58-3793-42gg	A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.	26.2.2 Affected by 0 other vulnerabilities.
VCID-ze83-qhsk-67bh Aliases: CVE-2025-3910 GHSA-5jfq-x6xp-7rw2	A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.	26.2.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1azf-tnm3-pyh3
Aliases:
GHSA-fx44-2wx5-5fvp

Duplicate Advisory: Keycloak vulnerable to two factor authentication bypass

26.2.2
Affected by 0 other vulnerabilities.

VCID-5hrf-cqc3-b7am
Aliases:
GHSA-r934-w73g-v4p8

Duplicate Advisory: Keycloak hostname verification

26.2.2
Affected by 0 other vulnerabilities.

VCID-w71m-tyt8-dqby
Aliases:
CVE-2025-3501
GHSA-hw58-3793-42gg

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

26.2.2
Affected by 0 other vulnerabilities.

VCID-ze83-qhsk-67bh
Aliases:
CVE-2025-3910
GHSA-5jfq-x6xp-7rw2

A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.

26.2.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T17:21:01.336579+00:00	GitLab Importer	Affected by	VCID-w71m-tyt8-dqby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3501.yml	36.1.3
2025-06-20T17:20:56.222423+00:00	GitLab Importer	Affected by	VCID-ze83-qhsk-67bh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3910.yml	36.1.3
2025-06-20T17:20:52.291060+00:00	GitLab Importer	Affected by	VCID-1azf-tnm3-pyh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-fx44-2wx5-5fvp.yml	36.1.3
2025-06-20T17:20:51.414183+00:00	GitLab Importer	Affected by	VCID-5hrf-cqc3-b7am	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-r934-w73g-v4p8.yml	36.1.3
2025-06-03T23:55:54.197053+00:00	GitLab Importer	Affected by	VCID-w71m-tyt8-dqby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3501.yml	36.1.0
2025-06-03T23:55:49.397621+00:00	GitLab Importer	Affected by	VCID-ze83-qhsk-67bh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3910.yml	36.1.0
2025-06-03T23:55:46.222503+00:00	GitLab Importer	Affected by	VCID-1azf-tnm3-pyh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-fx44-2wx5-5fvp.yml	36.1.0
2025-06-03T23:55:45.425459+00:00	GitLab Importer	Affected by	VCID-5hrf-cqc3-b7am	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-r934-w73g-v4p8.yml	36.1.0
2025-06-02T23:54:49.377829+00:00	GitLab Importer	Affected by	VCID-w71m-tyt8-dqby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3501.yml	36.1.2
2025-06-02T23:54:44.260666+00:00	GitLab Importer	Affected by	VCID-ze83-qhsk-67bh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3910.yml	36.1.2
2025-06-02T23:54:40.963752+00:00	GitLab Importer	Affected by	VCID-1azf-tnm3-pyh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-fx44-2wx5-5fvp.yml	36.1.2
2025-06-02T23:54:40.098909+00:00	GitLab Importer	Affected by	VCID-5hrf-cqc3-b7am	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-r934-w73g-v4p8.yml	36.1.2
2025-05-31T23:45:02.436171+00:00	GitLab Importer	Affected by	VCID-w71m-tyt8-dqby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3501.yml	36.0.0
2025-05-31T23:44:57.131331+00:00	GitLab Importer	Affected by	VCID-ze83-qhsk-67bh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/CVE-2025-3910.yml	36.0.0
2025-05-31T02:29:19.091826+00:00	GitLab Importer	Affected by	VCID-1azf-tnm3-pyh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-fx44-2wx5-5fvp.yml	36.0.0
2025-05-31T02:29:18.170624+00:00	GitLab Importer	Affected by	VCID-5hrf-cqc3-b7am	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-services/GHSA-r934-w73g-v4p8.yml	36.0.0