Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2022-2232
A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions.
| Software | From | Fixed in |
|---|---|---|
org.keycloak / keycloak-ldap-federation
|
- | 23.0.1 |
|
org.keycloak / keycloak-services
|
- | 23.0.1 |
- https://access.redhat.com/errata/RHSA-2024:0094
- https://access.redhat.com/errata/RHSA-2024:0095
- https://access.redhat.com/errata/RHSA-2024:0096
- https://access.redhat.com/security/cve/CVE-2022-2232
- https://bugzilla.redhat.com/show_bug.cgi?id=2096994
- https://github.com/keycloak/keycloak/commit/4252e394cf725b16f7e4e19aa32b03fd3fe13fde
- https://github.com/keycloak/keycloak/security/advisories/GHSA-8hc5-rmgf-qx6p