It looks like Keycloak is using org.apache.cxf : cxf-core : 3.4.5 which has this vulnerability. Is Keycloak affected?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| CVE-2022-34169 Fixing Vulnerability in Keycloak 15 | 0 | 364 | October 17, 2022 | |
| Keycloak legacy V 18.0.0 CVE Vulnerability | 0 | 478 | December 3, 2022 | |
| Are there Log4J Vulnerabilities in Keycloak? | 1 | 5895 | December 10, 2021 | |
| Log4Shell like Critical vulnerability(CVE-2021-42392) in H2 database (keycloak use it as default), is keycloak affected by it? | 1 | 833 | January 27, 2022 | |
| Keycloak Log4J 1.2.x vulnerability | 0 | 3138 | July 16, 2021 |