Package impact
Maven / org.keycloak:keycloak-ldap-federation
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-13467 | unknown | — | — | 5mo ago | Keycloak LDAP User Federation provider enables admin-triggered untrusted Java deserialization | |
| CVE-2025-0604 | unknown | — | — | 1y ago | Authentication Bypass Due to Missing LDAP Bind After Password Reset in Keycloak | |
| CVE-2024-5967 | unknown | — | — | 2y ago | Keycloak leaks configured LDAP bind credentials through the Keycloak admin console | |
| CVE-2022-2232 | unknown | — | — | 3y ago | Keycloak vulnerable to LDAP Injection on UsernameForm Login |