pkg:Maven/org.keycloak:keycloak-ldap-federation

4 total CVEs: MEDIUM 2, LOW 1

All known vulnerabilities

  • MEDIUM 5.5, CVE-2025-13467: Keycloak LDAP User Federation provider enables admin-triggered untrusted Java deserialization
    >= 26.3.0, < 26.4.6
  • MEDIUM 5.4, CVE-2025-0604: Authentication Bypass Due to Missing LDAP Bind After Password Reset in Keycloak
    >= 26.1.0, < 26.1.3
  • LOW 2.7, CVE-2024-5967: Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
    >= 25.0.0, < 25.0.1
  • CVE-2022-2232: Keycloak vulnerable to LDAP Injection on UsernameForm Login
    from 0, < 23.0.1