Package impact
Maven / org.keycloak:keycloak-ldap-federation
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13467 | unknown | — | — | 6mo ago | Keycloak LDAP User Federation provider enables admin-triggered untrusted Java deserialization | |||
| CVE-2025-0604 | unknown | — | — | 1y ago | Authentication Bypass Due to Missing LDAP Bind After Password Reset in Keycloak | |||
| CVE-2024-5967 | unknown | — | — | 2y ago | Keycloak leaks configured LDAP bind credentials through the Keycloak admin console | |||
| CVE-2022-2232 | unknown | — | — | 3y ago | Keycloak vulnerable to LDAP Injection on UsernameForm Login |