FLAT-WCHUP (CVE-2024-4028)
Server side cross-site scripting In org.keycloak:keycloak-core
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-WGNHW (CVE-2024-10039)
Insecure digital certificates In org.keycloak:keycloak-core
4.1
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-PGWXQ (CVE-2024-7318)
Insecure session management In org.keycloak:keycloak-core
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-TC3SR (CVE-2023-6841)
Race condition In org.keycloak:keycloak-core
4.9
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-SS74H (CVE-2024-7260)
Uncontrolled external site redirect In org.keycloak:keycloak-core
1.1
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-UP0OV (GHSA-57rh-gr4v-j5f6)
Insecure session management In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-B27S9 (GHSA-gmrm-8fx4-66x7)
Anonymous connection In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-C8FUK (GHSA-3hrr-xwvg-hxvr)
Account lockout In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-R5ZC7 (CVE-2023-6927)
Cross-site request forgery In org.keycloak:keycloak-core
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-4UPWF (CVE-2022-4137)
Reflected cross-site scripting (XSS) In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-I7J2W (CVE-2023-4918)
Sensitive data stored in client-side storage In org.keycloak:keycloak-core
6.3
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-B0YS4 (CVE-2023-0105)
Authentication mechanism absence or evasion In org.keycloak:keycloak-core
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-CZQNO (CVE-2023-1664)
Insecure digital certificates In org.keycloak:keycloak-core
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-AH5E0 (GHSA-c892-cwq6-qrqf)
Insecure digital certificates In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-MPOAC (CVE-2022-1274)
Reflected cross-site scripting (XSS) In org.keycloak:keycloak-core
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-FNIHW (GHSA-vhvq-jh34-3fc8)
Improper authorization control for web services In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-N164X (GHSA-755v-r4x4-qf7m)
Lack of data validation - Path Traversal In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-1IFDF (GHSA-w8v7-c7pm-7wfr)
Server side cross-site scripting In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-UZDB3 (CVE-2021-3856)
Local file inclusion In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-66E02 (GHSA-j9xq-j329-2xvg)
Lack of data validation In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-PM0NW (CVE-2022-0225)
Server side cross-site scripting In org.keycloak:keycloak-core
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-NRJ2W (CVE-2020-1724)
Insecure session management In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-IPWM6 (CVE-2020-1698)
Business information leak In org.keycloak:keycloak-core
4.3
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-B9MMP (CVE-2020-10686)
Improper authorization control for web services In org.keycloak:keycloak-core
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-7PPA7 (CVE-2019-14837)
Authentication mechanism absence or evasion In org.keycloak:keycloak-core
8.0
High
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-PQ3YM (CVE-2014-3656)
Reflected cross-site scripting (XSS) In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-4Q0TL (CVE-2018-14658)
Uncontrolled external site redirect In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-OAAYZ (CVE-2022-1466)
Authentication mechanism absence or evasion In org.keycloak:keycloak-core
6.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-4YMR1 (CVE-2021-20323)
Reflected cross-site scripting (XSS) In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-XHRVQ (CVE-2020-1714)
Lack of data validation In org.keycloak:keycloak-core
6.3
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-WUFRR (CVE-2020-14389)
Excessive privileges In org.keycloak:keycloak-core
6.2
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-XQ04E (CVE-2019-10170)
Excessive privileges - Wildcards In org.keycloak:keycloak-core
6.1
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-JFFVG (CVE-2020-1744)
Business information leak In org.keycloak:keycloak-core
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-JRZMZ (CVE-2020-1728)
Clickjacking In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-OXL9F (CVE-2020-1731)
Insecure generation of random numbers In org.keycloak:keycloak-core
8.1
High
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-18KIY (CVE-2020-1697)
Server side cross-site scripting In org.keycloak:keycloak-core
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-4EY5W (CVE-2019-14820)
Business information leak In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-3S8GM (CVE-2019-10199)
Cross-site request forgery In org.keycloak:keycloak-core
6.3
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-JFL43 (CVE-2019-10201)
Insufficient data authenticity validation In org.keycloak:keycloak-core
6.2
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-C3NE1 (CVE-2019-3875)
Insufficient data authenticity validation In org.keycloak:keycloak-core
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-EQQUM (CVE-2019-3868)
Sensitive information sent insecurely In org.keycloak:keycloak-core
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-L4NXJ (CVE-2018-14637)
Improper authorization control for web services In org.keycloak:keycloak-core
7.2
High
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-ZPLDT (CVE-2014-3651)
Improper resource allocation In org.keycloak:keycloak-core
6.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-DCZTE (CVE-2017-12161)
Security controls bypass or absence In org.keycloak:keycloak-core
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-K5ARY (CVE-2018-10912)
Inappropriate coding practices In org.keycloak:keycloak-core
2.1
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-ER2IV (CVE-2017-2582)
Sensitive information sent insecurely In org.keycloak:keycloak-core
4.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-N44PI (CVE-2017-2646)
Inappropriate coding practices In org.keycloak:keycloak-core
6.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-8UZCN (CVE-2016-8609)
Improper authorization control for web services In org.keycloak:keycloak-core
6.0
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-Z8QEG (CVE-2017-1000500)
Asymmetric denial of service - ReDoS In org.keycloak:keycloak-core
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-RWJQK (CVE-2016-8629)
Improper authorization control for web services In org.keycloak:keycloak-core
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core
FLAT-7290J (CVE-2017-2585)
Sensitive information sent insecurely In org.keycloak:keycloak-core
2.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-core