pkg:maven/org.keycloak/keycloak-saml-core
Type
maven
Namespace
org.keycloak
Name
keycloak-saml-core
Known advisories, vulnerabilities and fixes for org.keycloak/keycloak-saml-core package.
High
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 18.0.0 |
CVE-2021-3827
|
MAVEN:GHSA-4PC7-VQV5-5R3V | ECP SAML binding bypasses authentication flows | high |
2022-04-27T21:25:59
(2 years ago) |
|
Fixed | = 18.0.0 |
CVE-2021-3827
|
MAVEN:GHSA-4PC7-VQV5-5R3V | ECP SAML binding bypasses authentication flows | high |
2022-04-27T21:25:59
(2 years ago) |
|
Affected | <= 19.0.1 | MAVEN:GHSA-Q2GP-GPH3-88X9 | Keycloak allows arbitrary Javascript to be uploaded for SAML protocol mapper even if UPLOAD_SCRIPTS feature disabled | high |
2022-08-06T00:00:42
(2 years ago) |