Keycloak security advisories, sorted by severity and score. In the "Affected versions" column, "from 0, < X" means every release before X is affected, "from 0, <= X" includes X itself, and ">= A, < B" means only releases from A up to but not including B. Only two entries carry a CVE identifier in the source list; the remaining rows are listed by advisory title alone.

| Severity | CVSS | CVE | Advisory | Affected versions |
|---|---|---|---|---|
| CRITICAL | 10.0 | CVE-2022-4361 | Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC | from 0, < 21.1.2 |
| CRITICAL | 9.8 | CVE-2022-1245 | Keycloak vulnerable to privilege escalation on Token Exchange feature | from 0, < 18.0.0 |
| HIGH | 8.8 | | Keycloak fails to verify if an Identity Provider (IdP) is enabled before issuing tokens | >= 26.5.0, < 26.5.3 |
| HIGH | 8.8 | | JBoss Keycloak CSRF Vulnerability | from 0, < 1.0.3.Final |
| HIGH | 8.8 | | Improper Authorization in Keycloak | from 0, < 15.1.1 |
| HIGH | 8.7 | | Keycloak vulnerable to user impersonation via stolen UUID code | from 0, < 21.0.1 |
| HIGH | 8.2 | | Keycloak hostname verification | from 0, < 26.2.2 |
| HIGH | 8.1 | | Keycloak: Open redirect when using wildcard valid redirect URIs in Keycloak | from 0, < 26.6.2 |
| HIGH | 8.1 | | Keycloak: UMA Policy Resource Injection Allows Unauthorized Cross-User Permission Grants | from 0, < 26.5.7 |
| HIGH | 8.1 | | Keycloak: Unauthorized authentication via disabled SAML Identity Provider | from 0, < 26.5.5 |
| HIGH | 8.1 | | Keycloak allows authentication using an Identity Provider (IdP) even after it has been disabled by an administrator | from 0, < 26.5.5 |
| HIGH | 8.1 | | Keycloak affected by improper invitation token validation | >= 26.5.0, < 26.5.3 |
| HIGH | 8.1 | | Keycloak's admin API allows low privilege users to use administrative functions | from 0, < 24.0.5 |
| HIGH | 8.1 | | Keycloak path traversal vulnerability in redirection validation | from 0, < 22.0.10 |
| HIGH | 7.7 | | Keycloak: Unauthorized access via improper validation of encrypted SAML assertions | >= 26.5.0, < 26.5.5 |
| HIGH | 7.5 | | Keycloak: Session fixation in OIDC login flow that can lead to account takeover | from 0, < 26.6.2 |
| HIGH | 7.5 | | Keycloak: Application-Level DoS via Scope Processing | from 0, < 26.5.7 |
| HIGH | 7.5 | | Keycloak exposes sensitive information in Pushed Authorization Requests (PAR) | from 0, < 24.0.5 |
| HIGH | 7.4 | | Keycloak: Privilege escalation via forged authorization codes due to SingleUseObjectProvider isolation flaw | from 0, < 26.5.7 |
| HIGH | 7.4 | | Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS | from 0, < 22.0.10 |
| HIGH | 7.3 | | Keycloak: Redirect URI validation bypass via ..;/ path traversal in OIDC auth endpoint | from 0, < 26.5.7 |
| HIGH | 7.1 | | Keycloak: Access token disclosure and implicit flow bypass via forged client data | from 0, < 26.6.2 |
| HIGH | 7.1 | | Keycloak has session fixation in Elytron SAML adapters | from 0, < 22.0.12 |
| HIGH | 7.1 | | Keycloak path traversal vulnerability in the redirect validation | from 0, < 22.0.10 |
| HIGH | 7.1 | | The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted | from 0, < 23.0.3 |
| HIGH | 7.1 | | Keycloak vulnerable to Improper Client Certificate Validation for OAuth/OpenID clients | from 0, < 21.1.2 |
| MEDIUM | 6.9 | | Keycloak: Arbitrary code execution via Stored Cross-Site Scripting (XSS) in organization selection login page | from 0, <= 26.5.5 |
| MEDIUM | 6.8 | | Keycloak: Unauthorized account takeover via WebAuthn token replay | from 0, < 26.6.2 |
| MEDIUM | 6.5 | | Keycloak: Information disclosure via OIDC token introspection endpoint audience bypass | from 0, < 26.6.2 |
| MEDIUM | 6.5 | | Keycloak: manage-clients permission escalates to full realm admin access | from 0, < 26.5.6 |
| MEDIUM | 6.5 | | Keycloak services allows the issuance of access and refresh tokens for disabled users | >= 26.5.0, < 26.5.2 |
| MEDIUM | 6.5 | | Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled) | >= 26.2.0, < 26.2.6 |
| MEDIUM | 6.5 | | org.keycloak:keycloak-services has Inefficient Regular Expression Complexity | from 0, < 24.0.9 |
| MEDIUM | 6.5 | | Keycloak Services has a potential bypass of brute force protection | from 0, < 22.0.12 |
| MEDIUM | 6.5 | | Keycloak vulnerable to session hijacking via re-authentication | from 0, < 22.0.10 |
| MEDIUM | 6.4 | | Keycloak: Insufficient verification proof scoping enables identity provider account linking attack and account compromise | from 0, < 26.6.3 |
| MEDIUM | 6.4 | | Keycloak vulnerable to Cross-site Scripting | from 0, <= 21.0.0 |
| MEDIUM | 6.1 | | Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect | from 0, < 22.0.13 |
| MEDIUM | 6.1 | | JBoss KeyCloak Open Redirect | from 0, < 1.1.0.Beta1 |
| MEDIUM | 6.0 | | Keycloak vulnerable to session takeovers due to reuse of session identifiers | from 0, < 26.0.0 |
| MEDIUM | 6.0 | | Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow | from 0, < 22.0.10 |
| MEDIUM | 5.4 | | Keycloak: Revoked Tokens Can Remain Active When Both Realm-Level and Client-Level `notBefore` Revocation Policies are Configured | from 0, <= 26.6.2 |
| MEDIUM | 5.4 | | Keycloak has a Forced Browsing issue | from 0, <= 26.6.1 |
| MEDIUM | 5.4 | | Keycloak Affected by Broken Access Control Vulnerability in the UserManagedPermissionService | from 0, < 26.2.13 |
| MEDIUM | 5.4 | | Keycloak does not invalidate offline sessions when the offline_access scope is removed | from 0, < 26.2.3 |
| MEDIUM | 5.4 | | Keycloak does not invalidate sessions when "Remember Me" is disabled | >= 26.3.0, < 26.4.1 |
| MEDIUM | 5.4 | | Keycloak phishing attack via email verification step in first login flow | from 0, < 26.0.13 |
| MEDIUM | 5.4 | | Keycloak vulnerable to two factor authentication bypass | from 0, < 26.2.2 |
| MEDIUM | 5.4 | | Improper Authorization in Keycloak Organization Mapper Allows Unauthorized Organization Claims | >= 26.1.0, < 26.1.3 |
| MEDIUM | 5.4 | | Keycloak Authorization Bypass vulnerability | from 0, < 22.0.10 |
| MEDIUM | 5.4 | | HTML Injection in Keycloak Admin REST API | from 0, < 20.0.5 |
| MEDIUM | 5.4 | | Keycloak Authentication Error | from 0, < 4.4.0.Final |
| MEDIUM | 5.3 | | Keycloak: Replay of action tokens via improper handling of single-use entries | from 0, < 26.5.7 |
| MEDIUM | 5.3 | | Keycloak: Denial of Service due to excessive SAMLRequest decompression | from 0, < 26.5.4 |
| MEDIUM | 5.3 | | Keycloak SMTP Inject Vulnerability | from 0, < 26.2.8 |
| MEDIUM | 5.3 | | Keycloak vulnerable to log Injection during WebAuthn authentication or registration | from 0, < 22.0.9 |
| MEDIUM | 5.3 | | Keycloak is vulnerable to IDN homograph attack | from 0, < 18.0.0 |
| MEDIUM | 5.0 | | Keycloak secondary factor bypass in step-up authentication | from 0, < 22.0.10 |
| MEDIUM | 4.9 | | Keycloak: Information Disclosure via evaluate-scopes Admin API | from 0, < 26.6.2 |
| MEDIUM | 4.9 | | Keycloak Denial of Service (DoS) Vulnerability via JWT Token Cache | from 0, <= 26.1.4 |
| MEDIUM | 4.8 | | Cross-site Scripting in keycloak | from 0, < 12.0.0 |
| MEDIUM | 4.6 | | Keycloak vulnerable to reflected XSS via wildcard in OIDC redirect_uri | from 0, < 23.0.3 |
| MEDIUM | 4.3 | | Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation | from 0, < 26.6.3 |
| MEDIUM | 4.3 | | Keycloak: Missing Role Enforcement on UMA 2.0 Permission Ticket Endpoint Leads to Information Disclosure | from 0, < 26.5.6 |
| MEDIUM | 4.3 | | Keycloak has Improper Access Control that allows attackers with valid credentials to bypass the allowRemoteResourceManagement=false | from 0, <= 26.6.0 |
| MEDIUM | 4.3 | | JBoss KeyCloak is vulnerable to soft token deletion via CSRF | from 0, < 1.0.2.Final |
| MEDIUM | 4.2 | | Keycloak: Improper Access Control Leading to MFA Deletion and Account Takeover in Keycloak Account REST API | from 0, <= 26.5.6 |
| LOW | 3.8 | | Keycloak: Missing Check on Disabled Client for Docker Registry Protocol | from 0, <= 26.5.3 |
| LOW | 3.7 | | Keycloak vulnerable to information disclosure via CORS header injection due to unvalidated JWT azp claim | from 0, <= 26.5.7 |
| LOW | 3.7 | | Keycloak's identity-first login flow exposes user information | >= 26.5.0, < 26.6.0 |
| LOW | 3.7 | | Keycloak Denial of Service via account lockout | from 0, < 24.0.0 |
| LOW | 3.7 | | Keycloak's improper input validation allows using email as username | from 0, < 24.0.1 |
| LOW | 3.5 | | Client Spoofing within the Keycloak Device Authorisation Grant | from 0, < 21.1.2 |
| LOW | 3.4 | | Keycloak vulnerable to impersonation via logout token exchange | from 0, < 22.0.10 |
| LOW | 3.1 | | Keycloak Server-Side Request Forgery via OIDC token endpoint manipulation | from 0, <= 26.6.0 |
| LOW | 3.1 | | Keycloak REST Services has a WebAuthn Attestation Statement Verification Bypass | from 0, < 26.4.4 |
| LOW | 3.1 | | Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods | from 0, <= 26.5.2 |
| LOW | 3.1 | | Keycloak does not validate and update refresh token usage atomically | from 0, <= 26.2.5 |
| LOW | 2.7 | | Keycloak: Information disclosure of disabled user attributes via administrative endpoint | from 0, <= 26.5.5 |
| LOW | 2.7 | | Keycloak Admin API allows an administrator with limited privileges to retrieve sensitive custom attributes | >= 26.5.0, < 26.5.2 |
| LOW | 2.7 | | Keycloak Admin REST API exposes backend schema and rules | from 0, <= 26.2.5 |
| LOW | 2.7 | | Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions | from 0, < 26.5.0 |
| (none listed) | — | | Keycloak vulnerable to LDAP Injection on UsernameForm Login | from 0, < 23.0.1 |
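Every affected-version range in the list above takes one of three shapes ("from 0, < X", "from 0, <= X", ">= A, < B"), and several of the older bounds carry Maven-style qualifiers such as "1.0.3.Final" or "1.1.0.Beta1". The practical question a practitioner has on reading this list is "which of these apply to the Keycloak version I am running?". The following Python is an added example, not code from the page or from the Keycloak project: it parses those range expressions, compares Keycloak version strings, and reports which advisories apply to a given installed version. The `ADVISORIES` table embeds a handful of rows copied from the list above as sample input. The qualifier ordering Alpha < Beta < CR < Final (and an unqualified version counting as Final) is an assumption modelled on Maven's release ordering, not something the list states.

```python
"""Check an installed Keycloak version against advisory ranges of the form
"from 0, < X", "from 0, <= X" and ">= A, < B" used in the advisory list."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Sample rows copied from the advisory list: (severity, score, title, affected range).
ADVISORIES = [
    ("CRITICAL", 10.0, "Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC", "from 0, < 21.1.2"),
    ("HIGH", 8.8, "Keycloak fails to verify if an Identity Provider (IdP) is enabled before issuing tokens", ">= 26.5.0, < 26.5.3"),
    ("HIGH", 8.8, "JBoss Keycloak CSRF Vulnerability", "from 0, < 1.0.3.Final"),
    ("MEDIUM", 6.9, "Keycloak: Arbitrary code execution via Stored Cross-Site Scripting (XSS) in organization selection login page", "from 0, <= 26.5.5"),
    ("MEDIUM", 6.1, "JBoss KeyCloak Open Redirect", "from 0, < 1.1.0.Beta1"),
    ("MEDIUM", 5.4, 'Keycloak does not invalidate sessions when "Remember Me" is disabled', ">= 26.3.0, < 26.4.1"),
]

# Assumption (Maven-like): Alpha < Beta < CR < Final; no qualifier means a release.
_QUALIFIER_RANK = {"alpha": 0, "beta": 1, "cr": 2, "final": 3}

Version = Tuple[Tuple[int, ...], Tuple[int, int]]


def parse_version(text: str) -> Version:
    """'26.5.3' -> ((26, 5, 3), (3, 0)); '1.1.0.Beta1' -> ((1, 1, 0), (1, 1)).
    Numeric components are compared first, then the qualifier rank and its number."""
    nums: List[int] = []
    qual = (_QUALIFIER_RANK["final"], 0)
    for part in text.strip().split("."):
        if part.isdigit():
            nums.append(int(part))
            continue
        m = re.fullmatch(r"([A-Za-z]+)(\d*)", part)
        if not m or m.group(1).lower() not in _QUALIFIER_RANK:
            raise ValueError(f"unsupported version component: {part!r}")
        qual = (_QUALIFIER_RANK[m.group(1).lower()], int(m.group(2) or 0))
    while len(nums) < 3:  # treat "26.5" as "26.5.0"
        nums.append(0)
    return (tuple(nums), qual)


@dataclass(frozen=True)
class Range:
    lower: Optional[Tuple[Version, bool]]  # (bound, inclusive) or None for "from 0"
    upper: Tuple[Version, bool]


def parse_range(text: str) -> Range:
    """Parse 'from 0, < X', 'from 0, <= X' or '>= A, < B'; reject anything else."""
    lower: Optional[Tuple[Version, bool]] = None
    upper: Optional[Tuple[Version, bool]] = None
    for clause in text.split(","):
        clause = clause.strip()
        if clause == "from 0":
            continue
        m = re.fullmatch(r"(>=|<=|<|>)\s*(\S+)", clause)
        if not m:
            raise ValueError(f"unsupported range clause: {clause!r}")
        op, bound = m.group(1), parse_version(m.group(2))
        if op in (">=", ">"):
            lower = (bound, op == ">=")
        else:
            upper = (bound, op == "<=")
    if upper is None:
        raise ValueError(f"range has no upper bound: {text!r}")
    return Range(lower, upper)


def is_affected(installed, rng: Range) -> bool:
    """True if the installed version (string or parsed) falls inside the range."""
    v = parse_version(installed) if isinstance(installed, str) else installed
    if rng.lower is not None:
        bound, inclusive = rng.lower
        if v < bound or (v == bound and not inclusive):
            return False
    bound, inclusive = rng.upper
    return v < bound or (inclusive and v == bound)


def affected_advisories(installed: str):
    """Rows from ADVISORIES that apply to `installed`, highest score first."""
    v = parse_version(installed)
    hits = [(sev, score, title) for sev, score, title, rng in ADVISORIES
            if is_affected(v, parse_range(rng))]
    return sorted(hits, key=lambda h: -h[1])


if __name__ == "__main__":
    for sev, score, title in affected_advisories("26.5.2"):
        print(f"{sev:8} {score:4} {title}")
```

A "from 0, < X" range is deliberately modelled as having no lower bound rather than a bound of 0, so a version with a pre-release qualifier still compares correctly against it. Exclusive versus inclusive upper bounds matter here: 26.5.5 is inside "from 0, <= 26.5.5" but outside "from 0, < 26.5.5", and both shapes appear in the list.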