org.keycloak:keycloak-saml-adapter-core
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.keycloak:keycloak-saml-adapter-corepage 1 of 1
- CVE-2018-10894MEDIUMCVSS 5.4EG 5.4✓ Fixed in 4.4.0.Final2018-08-01
vulnerable: 1.6.0.Final ... 4.3.0.Final (59 versions)
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks.
- CVE-2026-2575MEDIUMCVSS 5.3EG 5.3✓ Fixed in 26.5.42026-03-18
vulnerable: 1.6.0.Final ... 9.0.3 (187 versions)
A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits…
Check whether org.keycloak:keycloak-saml-adapter-core is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.keycloak:keycloak-saml-adapter-core CVEs against the assets you own.
Start Free Scan →