VYPR

Keycloak

by Keycloak


CVEs (104)

  • CVE-2020-10770 (Dec 15, 2020)
    risk 0.09 · cvss n/a · epss 0.70

    A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack.

  • CVE-2026-2603 (Mar 18, 2026)
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in Keycloak. A remote attacker could bypass security controls by sending a valid SAML response from an external Identity Provider (IdP) to the Keycloak SAML endpoint for IdP-initiated broker logins. This allows the attacker to complete broker logins even when…

  • CVE-2025-12150 (Feb 27, 2026)
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via submission of an attestation object with fmt: "none", even when the realm is…

  • CVE-2025-8419 (Aug 6, 2025)
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very…

  • CVE-2025-5416 (Jun 20, 2025)
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.

  • CVE-2025-3910 (Apr 29, 2025)
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.

  • CVE-2023-4918 (Sep 12, 2023)
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. When a user registers through the registration flow, the "password" and "password-confirm" fields from the form are stored as regular user attributes. All users and clients with proper rights…

  • CVE-2022-4361 (Jul 7, 2023)
    risk 0.00 · cvss n/a · epss 0.01

    Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the…

  • CVE-2023-1664 (May 26, 2023)
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in Keycloak. This flaw requires the non-default "Revalidate Client Certificate" option to be enabled and a reverse proxy that does not validate the client certificate before it reaches Keycloak. Using this method an attacker may choose the certificate which will be validated…

  • CVE-2022-1274 (Mar 29, 2023)
    risk 0.00 · cvss n/a · epss 0.01

    A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.

  • CVE-2022-2237 (Mar 27, 2023)
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.

  • CVE-2022-2256 (Sep 1, 2022)
    risk 0.00 · cvss n/a · epss 0.01

    A stored cross-site scripting (XSS) vulnerability was found in Keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.

  • CVE-2022-0225 (Aug 26, 2022)
    risk 0.00 · cvss n/a · epss 0.03

    A flaw was found in Keycloak. This flaw allows a privileged attacker to use the malicious payload as the group name while creating a new group from the admin console, leading to a stored Cross-site scripting (XSS) attack.

  • CVE-2021-3632 (Aug 26, 2022)
    risk 0.00 · cvss n/a · epss 0.01

    A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow.

  • CVE-2021-3754 (Aug 26, 2022)
    risk 0.00 · cvss n/a · epss 0.02

    A flaw was found in Keycloak where an attacker is able to register with a username identical to the email address of an existing user. This may prevent that user from receiving the password recovery email if they forget their password.

  • CVE-2021-3856 (Aug 26, 2022)
    risk 0.00 · cvss n/a · epss 0.01

    ClassLoaderTheme and ClasspathThemeResourceProviderFactory allow reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of arbitrary files if…

  • CVE-2020-35509 (Aug 23, 2022)
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in Keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing timestamp validation. The highest threat from this vulnerability is to data confidentiality and integrity.

  • CVE-2021-3827 (Aug 23, 2022)
    risk 0.00 · cvss n/a · epss 0.01

    A flaw was found in Keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass MFA authentication by sending a SOAP request with an AuthnRequest and an Authorization header with the user's…

  • CVE-2021-3513 (Aug 22, 2022)
    risk 0.00 · cvss n/a · epss 0.01

    A flaw was found in Keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message being displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality.

  • CVE-2022-2668 (Aug 5, 2022)
    risk 0.00 · cvss n/a · epss 0.01

    An issue was discovered in Keycloak that allows arbitrary JavaScript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled.
