Package impact
Maven / org.keycloak:keycloak-core
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2021-3632 | high | — | 8.0 | 4y ago | Keycloak allows anyone to register new security device or key for any user by using WebAuthn password-less login flow | |
| CVE-2020-27838 | high | — | 8.0 | 4y ago | Keycloak discloses information without authentication | |
| CVE-2021-20202 | high | — | 8.0 | 4y ago | Temporary Directory Hijacking Vulnerability in Keycloak | |
| CVE-2020-1714 | high | — | 8.0 | 4y ago | Improper Input Validation in Keycloak | |
| CVE-2021-20195 | high | — | 8.0 | 5y ago | keycloak Self Stored Cross-site Scripting vulnerability | |
| CVE-2021-20262 | high | — | 8.0 | 5y ago | Keycloak Missing authentication for critical function | |
| CVE-2014-3651 | high | 7.5 | 7.5 | 9y ago | Keycloak vulnerable to uncontrolled resource consumption |