5 matches found
CVE-2022-2232
creationtimestamp| type| source ---|---|--- 2024-11-14 14:55:45+00:00| seen| https://infosec.exchange/users/cve/statuses/113481884933073861 2024-11-14 16:39:44+00:00| seen| https://t.me/cvedetector/10965...
CVE-2022-2232
CVE-2022-2232 concerns a LDAP injection in Keycloak’s username lookup, allowing bypass and potentially other actions. Affected: Keycloak package; root cause: LDAP injection during username lookup. Impact: high confidentiality risk; no user interaction required, network vector, privileges not requ...
CVE-2022-2232 Keycloak: ldap injection on username input
A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions...
com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.4.10 <=1.4.11) +21 more potentially affected by CVE-2022-2232 via org.keycloak:keycloak-ldap-federation (>=1.0-beta-4 <=23.0.0)
org.keycloak:keycloak-ldap-federation MAVEN version =1.0-beta-4, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.1.0, =0.2, =1.0-beta-4, =20.0.0, =20.0.0, =21.1.0, =23.0.0 and more Source cves: CVE-2022-2232 Source advisory: OSV:GHSA-8HC5-RMGF-QX6P...
com.charlyghislain.keycloak:keycloak-importexport (=21.0.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +83 more potentially affected by CVE-2022-2232 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=23.0.0)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.1.23, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.0.1, =1.3.2, =1.3.11 and more Source cves: CVE-2022-2232 Source advisory: OSV:GHSA-8HC5-RMGF-QX6P...