pkg:maven/org.keycloak/keycloak-saml-core
Type
maven
Namespace
org.keycloak
Name
keycloak-saml-core
Known advisories, vulnerabilities and fixes for org.keycloak/keycloak-saml-core package.
High
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 18.0.0 |
CVE-2021-3827
|
 MAVEN:GHSA-4PC7-VQV5-5R3V
|
ECP SAML binding bypasses authentication flows | high |
2022-04-27T21:25:59
(2 years ago) |
|
| Fixed | = 18.0.0 |
CVE-2021-3827
|
MAVEN:GHSA-4PC7-VQV5-5R3V
|
ECP SAML binding bypasses authentication flows | high |
2022-04-27T21:25:59
(2 years ago) |
|
| Affected | <= 19.0.1 |
MAVEN:GHSA-Q2GP-GPH3-88X9
|
Keycloak allows arbitrary Javascript to be uploaded for SAML protocol mapper even if UPLOAD_SCRIPTS feature disabled | high |
2022-08-06T00:00:42
(2 years ago) |