Maven package
org.keycloak/keycloak-saml-adapter-core
pkg:maven/org.keycloak/keycloak-saml-adapter-core
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-2575 | Med | 5.3 | — | < 26.5.4 | 26.5.4 | Mar 18, 2026 | A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to |
| CVE-2026-2092 | — | — | — | < 26.2.14 | 26.2.14 | Mar 18, 2026 | A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious |
| CVE-2018-10894 | Med | 5.4 | — | < 4.4.0.Final | 4.4.0.Final | Aug 1, 2018 | It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks. |