Security: keycloak/keycloak
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Keycloak is vulnerable to IDN homograph attackGHSA-mwm4-5qwr-g9pf published
Apr 25, 2022 by abstractjLow -
ECP SAML binding bypasses authentication flowsGHSA-4pc7-vqv5-5r3v published
Apr 25, 2022 by abstractjModerate -
Stored XSS in groups dropdownGHSA-755v-r4x4-qf7m published
Nov 24, 2022 by abstractjModerate -
Incorrect authorization allows unpriviledged users to create other usersGHSA-83x4-9cwr-5487 published
Dec 20, 2021 by stianstHigh -
OIDC Logout redirects can happen even if no id_token_hint is providedGHSA-rvjg-gxwx-j5gf published
Apr 25, 2022 by abstractjLow -
Reflected XSS on clients-registrations endpointGHSA-m98g-63qj-fp8j published
Apr 25, 2022 by abstractjModerate