Search for packages
| purl | pkg:npm/keycloak-auth-utils@3.1.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-733r-y5bp-aaae | High severity vulnerability that affects keycloak-connect and keycloak-js It was found that the Keycloak Node.js adapter - did not handle invalid tokens correctly. An attacker could use this flaw to bypass authentication and gain access to restricted information, or to possibly conduct further attacks. |
CVE-2017-7474
GHSA-mw35-24gh-f82w |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:43:58.419231+00:00 | GitLab Importer | Fixing | VCID-733r-y5bp-aaae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-auth-utils/CVE-2017-7474.yml | 34.0.1 |
| 2024-01-03T18:05:45.456816+00:00 | GitLab Importer | Fixing | VCID-733r-y5bp-aaae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-auth-utils/CVE-2017-7474.yml | 34.0.0rc1 |