Search for packages
Package details: pkg:npm/keycloak-connect@0.0.0
purl pkg:npm/keycloak-connect@0.0.0
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-1d7p-grah-aaam
Aliases:
CVE-2023-0105
GHSA-c7xw-p58w-h6fj
GHSA-vhvq-jh34-3fc8
Keycloak allows impersonation and lockout due to email trust not being handled correctly There are no reported fixed by versions.
VCID-q4tz-awfu-aaaa
Aliases:
CVE-2022-2237
GHSA-59fq-727j-hm3f
GMS-2023-578
keycloak-connect contains Open redirect vulnerability in the Node.js adapter
18.0.2
Affected by 9 other vulnerabilities.
21.0.1
Affected by 6 other vulnerabilities.
VCID-qwpr-cqmm-aaaa
Aliases:
CVE-2023-0091
GHSA-v436-q368-hvgg
GMS-2023-37
Keycloak has lack of validation of access token on client registrations endpoint There are no reported fixed by versions.
VCID-sjz1-u3j6-aaas
Aliases:
CVE-2022-4137
GHSA-9hhc-pj4w-w5rv
GMS-2023-616
Keycloak Cross-site Scripting on OpenID connect login service There are no reported fixed by versions.
VCID-zj26-g915-aaap
Aliases:
CVE-2022-1438
GHSA-w354-2f3c-qvg9
GMS-2023-529
Keycloak vulnerable to Cross-site Scripting There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2024-09-17T22:44:09.769614+00:00 GitLab Importer Affected by VCID-1d7p-grah-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2023-0105.yml 34.0.1
2024-09-17T22:44:09.602764+00:00 GitLab Importer Affected by VCID-qwpr-cqmm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2023-0091.yml 34.0.1
2024-09-17T22:44:09.577770+00:00 GitLab Importer Affected by VCID-zj26-g915-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2022-1438.yml 34.0.1
2024-09-17T22:44:08.479260+00:00 GitLab Importer Affected by VCID-sjz1-u3j6-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2022-4137.yml 34.0.1
2024-01-03T18:05:54.426013+00:00 GitLab Importer Affected by VCID-1d7p-grah-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2023-0105.yml 34.0.0rc1
2024-01-03T18:05:54.278155+00:00 GitLab Importer Affected by VCID-qwpr-cqmm-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2023-0091.yml 34.0.0rc1
2024-01-03T18:05:54.252025+00:00 GitLab Importer Affected by VCID-zj26-g915-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2022-1438.yml 34.0.0rc1
2024-01-03T18:05:53.540120+00:00 GitLab Importer Affected by VCID-sjz1-u3j6-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/keycloak-connect/CVE-2022-4137.yml 34.0.0rc1