Lucene search
K

9 matches found

Snyk
Snyk
•added 2026/05/28 3:15 a.m.•8 views

Information Exposure

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Information Exposure via the SAML ECP endpoint when specially crafted SOAP requests are sent with varying...

6.9CVSS5.4AI score0.00331EPSS
Exploits0References2
vulnersOsv
vulnersOsv
•added 2026/04/02 3:31 p.m.•7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-4634 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.6)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-4634 Source advisory: OSV:GHSA-H4WV-G838-66G3https://vulners.com/osv/OSV:GHSA-H4WV-G838-...

7.5CVSS5.4AI score0.00523EPSS
Exploits0
vulnersOsv
vulnersOsv
•added 2026/03/26 9:31 p.m.•7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-3121 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.5)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-3121 Source advisory: OSV:GHSA-7XF9-4JFC-WGM4https://vulners.com/osv/OSV:GHSA-7XF9-4JFC-...

7.2CVSS5.4AI score0.00471EPSS
Exploits0
vulnersOsv
vulnersOsv
•added 2026/01/21 3:31 p.m.•6 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +137 more potentially affected by CVE-2025-14083 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.5)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2025-14083 Source advisory:...

2.7CVSS5.4AI score0.0032EPSS
Exploits0
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-23863

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00411EPSS
Exploits0References9
CVE
CVE
•added 2025/08/06 5:10 p.m.•40 views

CVE-2025-8419

CVE-2025-8419 : A Keycloak SMTP injection vulnerability exists in Keycloak-services where special characters in the local-part of an email during registration can trigger SMTP injection, potentially causing the server to send unsolicited emails. The issue is limited to short emails (local part ca...

5.3CVSS6.4AI score0.00411EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
•added 2025/08/06 2:32 p.m.•5 views

CVE-2025-8419

A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters limited local part of the email, so the attack is limited to very shorts emails subject...

6.5CVSS6.3AI score0.00411EPSS
Exploits0References3
vulnersOsv
vulnersOsv
•added 2024/06/11 8:22 p.m.•7 views

com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +95 more potentially affected by CVE-2024-3656 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=24.0.4)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.1.23, =0.3.0-20.0.1, =0.4.5-20.0.2, =2.7.4-24.0 and more Source cves: CVE-2024-3656 Source advisory: OSV:GHSA-2CWW-FGMG-4JQC...

8.1CVSS7.4AI score0.02837EPSS
Exploits0
vulnersOsv
vulnersOsv
•added 2023/03/01 4:18 p.m.•5 views

com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.4.10 <=1.4.11) +55 more potentially affected by CVE-2022-1438 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=21.0.0)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.3.2, =0.6, =0.2, =0.7 and more Source cves: CVE-2022-1438 Source advisory: OSV:GHSA-W354-2F3C-QVG9...

6.4CVSS6.1AI score0.0066EPSS
Exploits0
Rows per page
Query Builder