7 matches found
CVE-2026-9828 vulnerabilities
Vulnerabilities for packages: sonar-scanner-cli, akhq, cassandra-reaper, keycloak-config-cli, nextflow, cassandra, zookeeper...
GHSA-9342-92GG-6V29 vulnerabilities
Vulnerabilities for packages: wildfly, apache-nifi, apicurio-registry, keycloak, dependency-track, jenkins, keycloak-config-cli, thingsboard...
CVE-2025-49006
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...
CVE-2025-49006
CVE-2025-49006 concerns Wasp (Web Application Specification), a Rails-like framework used with React/Node/Prisma. Prior to 0.16.6, the OAuth implementation lowercases OAuth user IDs before storing/fetching, which can violate OAuth/OpenID Connect specs and lead to user impersonation, account colli...
CVE-2025-49006 Wasp has case insensitive OAuth ID vulnerability
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...
GHSA-Q4XQ-445G-G6CH vulnerabilities
Vulnerabilities for packages: keycloak-operator, keycloak, keycloak-config-cli, keycloak-fips...
CVE-2024-7318 vulnerabilities
Vulnerabilities for packages: keycloak-config-cli...