| Title |
Severity |
Exploit |
Date |
Affected Version |
|
CVE-2024-4028
|
Low
|
|
Feb 18, 2025
|
<= 26.1.2
|
|
CVE-2024-1722
|
Medium
|
|
Feb 29, 2024
|
< 24.0.0
|
|
keycloak-core: open redirect via "form_post.jwt" JARM response mode
|
Medium
|
|
Jan 23, 2024
|
< 23.0.4
|
|
CVE-2023-4918
|
High
|
|
Sep 12, 2023
|
== 22.0.2
>= 22.0.2 < 22.0.3
|
|
CVE-2023-1664
|
Medium
|
|
May 26, 2023
|
< 21.1.2
|
|
CVE-2023-0091
|
Low
|
|
Jan 13, 2023
|
< 20.0.3
|
|
CVE-2023-0105
|
Medium
|
|
Jan 13, 2023
|
< 22.0.1
|
|
Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown
|
Medium
|
|
Nov 29, 2022
|
< 20.0.0
|
|
Duplicate Advisory: Keycloak vulnerable to Cross-Site Scripting (XSS)
|
Medium
|
|
Sep 2, 2022
|
<= 19.0.1
|
|
CVE-2022-0225
|
Medium
|
|
Aug 26, 2022
|
<= 16.1.0
|
org.keycloak / keycloak-core