Version 21.1.2
Keycloak
Open Source Identity and Access Management For Modern Applications and Services
Install Instructions
mvn install keycloak-parent
Current Version Release Date December 03, 2024
Language Java
Package URL (purl) pkg:maven/org.keycloak:keycloak-parent@21.1.2
Find Keycloak vulnerabilities in your supply chain.
Keycloak Vulnerabilities
Sort by
CVE (Latest)
CVE (Latest)
-
CVE (Latest)
-
CVE (Oldest)
-
CVSS Score (Highest)
-
CVSS Score (Lowest)
CVE  |
CVSS Score |
CWE(s) |
EPSS Score |
EPSS % |
Impacted Versions |
|---|---|---|---|---|---|
| CVE-2019-14910 | High 9.8 | CWE-287, CWE-592, CWE-305, CWE-295 | 0.00182 | 0.55715 |
|
| CVE-2020-14359 | High 7.3 | CWE-305 | 0.00088 | 0.38948 |
|
| CVE-2020-1717 | Low 2.7 | CWE-209 | 0.00054 | 0.24764 |
|
| CVE-2023-6927 | Medium 6.1 | CWE-601 | 0.00166 | 0.53706 |
|
| CVE-2022-2256 | Low 3.8 | CWE-79 | 0.0005 | 0.21439 |
|
| CVE-2022-2668 | High 7.2 | CWE-94 | 0.00087 | 0.38507 |
|
| CVE-2022-3782 | High 9.1 | CWE-22 | 0.00161 | 0.53054 |
|
| CVE-2022-3916 | Medium 6.8 | CWE-384, CWE-488, CWE-613 | 0.00219 | 0.5954 |
|
| CVE-2022-4137 | Medium 6.1 | CWE-81, CWE-79 | 0.00134 | 0.49201 |
|
| CVE-2021-3461 | High 7.1 | CWE-613 | 0.00063 | 0.29352 |
|
| CVE-2020-1725 | Medium 5.4 | CWE-863 | 0.00054 | 0.24764 |
|
| CVE-2021-3513 | High 7.5 | CWE-209, CWE-522 | 0.00158 | 0.52735 |
|
| CVE-2021-20222 | High 7.5 | CWE-20, CWE-79 | 0.00167 | 0.53828 |
|
| CVE-2020-10776 | Medium 4.8 | CWE-79 | 0.00054 | 0.25116 |
|
| CVE-2020-14366 | Medium 6.8 | CWE-22 | 0.00172 | 0.54465 |
|
| CVE-2020-10758 | High 7.5 | CWE-770 | 0.00105 | 0.43887 |
|
| CVE-2020-1714 | High 8.8 | CWE-20 | 0.00243 | 0.63505 |
|
| CVE-2020-10748 | Medium 6.1 | CWE-79 | 0.00078 | 0.35818 |
|
| CVE-2020-1694 | Medium 4.9 | CWE-183, CWE-732 | 0.00065 | 0.30211 |
|
| CVE-2020-1758 | Medium 5.3 | CWE-295, CWE-297 | 0.00128 | 0.48107 |
|
| CVE-2019-14909 | High 8.3 | CWE-287, CWE-592, CWE-305 | 0.00092 | 0.40413 |
|
| CVE-2020-1718 | High 7.1 | CWE-287 | 0.0008 | 0.36405 |
|
| CVE-2018-14657 | High 8.1 | CWE-307 | 0.00238 | 0.61345 |
|
| CVE-2018-14655 | Medium 4.6 | CWE-79 | 0.00098 | 0.41737 |
|
| CVE-2017-12158 | Medium 5.4 | CWE-444, CWE-79 | 0.00176 | 0.54889 |
|
| CVE-2017-12159 | High 7.5 | CWE-613 | 0.00289 | 0.68511 |
|
| CVE-2017-12160 | High 7.2 | CWE-287, CWE-285 | 0.00198 | 0.57484 |
|
Keycloak Vulnerability Remediation Guidance
| CVE | Description | Full list of Impacted Versions | Fix |
|---|---|---|---|
| CVE-2023-6927 | A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134. | 25.0.2, 25.0.6, 25.0.5, 25.0.4, 25.0.3, 25.0.1, 25.0.0, 24.0.5 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2022-4137 | A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker. | 17.0.1, 17.0.0, 16.1.1, 16.1.0, 15.1.1, 16.0.0, 15.1.0, 15.0.2 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2022-3916 | A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user. | 17.0.1, 17.0.0, 16.1.1, 16.1.0, 15.1.1, 16.0.0, 15.1.0, 15.0.2 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2022-3782 | keycloak: path traversal via double URL encoding. A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field. | 17.0.1, 17.0.0, 16.1.1, 16.1.0, 15.1.1, 16.0.0, 15.1.0, 15.0.2 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2022-2668 | An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled | 17.0.1, 17.0.0, 16.1.1, 16.1.0, 15.1.1, 16.0.0, 15.1.0, 15.0.2 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2022-2256 | A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality. | 17.0.1, 17.0.0, 16.1.1, 16.1.0, 15.1.1, 16.0.0, 15.1.0, 15.0.2 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2021-3513 | A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality. | 12.0.4, 12.0.1, 11.0.1, 10.0.2, 10.0.1, 10.0.0, 9.0.3, 7.0.1 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2021-3461 | A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name]. | 13.0.1, 13.0.0, 12.0.4, 12.0.1, 11.0.1, 10.0.2, 10.0.1, 10.0.0 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2021-20222 | A flaw was found in keycloak. The new account console in keycloak can allow malicious code to be executed using the referrer URL. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 12.0.1, 11.0.1, 10.0.2, 10.0.1, 10.0.0, 9.0.3, 9.0.2, 9.0.0 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-1758 | A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a man-in-the-middle (MITM) attack. | 9.0.3, 7.0.1, 9.0.2, 9.0.0, 8.0.2, 8.0.1, 8.0.0, 7.0.0 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-1725 | A flaw was found in keycloak before version 13.0.0. In some scenarios a user still has access to a resource after changing the role mappings in Keycloak and after expiration of the previous access token. | 12.0.4, 12.0.1, 11.0.1, 10.0.2, 10.0.1, 10.0.0, 9.0.3, 7.0.1 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-1718 | A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain unauthorized access to the application. | 7.0.1, 7.0.0, 5.0.0, 4.8.3.Final, 4.8.2.Final, 4.8.1.Final, 4.8.0.Final, 4.5.0.Final (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-1717 | A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack. | 25.0.2, 25.0.6, 25.0.5, 25.0.4, 25.0.3, 25.0.1, 25.0.0, 24.0.5 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-1714 | A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution. | 10.0.2, 10.0.1, 10.0.0, 9.0.3, 7.0.1, 9.0.2, 9.0.0, 8.0.2 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-1694 | A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions. | 9.0.3, 7.0.1, 9.0.2, 9.0.0, 8.0.2, 8.0.1, 8.0.0, 7.0.0 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-14366 | A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw | 11.0.1, 10.0.2, 10.0.1, 10.0.0, 9.0.3, 7.0.1, 9.0.2, 9.0.0 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-14359 | A vulnerability was found in all versions of keycloak, where on using lower case HTTP headers (via cURL) we can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jetty). This means there is no protection when we put a Gatekeeper in front of a Jetty server and use lowercase headers. | 25.0.2, 25.0.6, 25.0.5, 25.0.4, 25.0.3, 25.0.1, 25.0.0, 24.0.5 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-10776 | A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. This flaw allows an attacker to perform a Cross-site scripting attack. | 11.0.1, 10.0.2, 10.0.1, 10.0.0, 9.0.3, 7.0.1, 9.0.2, 9.0.0 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-10758 | A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body. | 10.0.2, 10.0.1, 10.0.0, 9.0.3, 7.0.1, 9.0.2, 9.0.0, 8.0.2 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2020-10748 | A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. | 10.0.1, 10.0.0, 9.0.3, 7.0.1, 9.0.2, 9.0.0, 8.0.2, 8.0.1 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2019-14910 | A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. | 25.0.2, 25.0.6, 25.0.5, 25.0.4, 25.0.3, 25.0.1, 25.0.0, 24.0.5 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2019-14909 | A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted. | 7.0.1, 7.0.0 | Patch → NO_SAFE_VERSION |
| CVE-2018-14657 | A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures. | 4.5.0.Final, 4.4.0.Final, 4.2.1.Final, 4.3.0.Final, 4.2.0.Final, 4.0.0.Beta1, 4.0.0.Beta2, 4.1.0.Final (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2018-14655 | A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary Javascript-Code via the 'state'-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login. | 4.0.0.Beta1, 4.0.0.Beta2, 3.4.0.CR1, 3.3.0.CR2, 3.4.1.Final, 3.4.2.Final, 3.4.1.CR1, 3.2.1.Final (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2017-12160 | It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks. | 3.3.0.CR2, 3.2.1.Final, 3.3.0.CR1, 3.2.0.CR1, 3.2.0.Final, 3.1.0.Final, 3.1.0.CR1, 3.0.0.Final (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2017-12159 | It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. | 3.4.0.CR1, 3.3.0.CR2, 3.2.1.Final, 3.3.0.CR1, 3.2.0.CR1, 3.2.0.Final, 3.1.0.Final, 3.1.0.CR1 (Show all) | Patch → NO_SAFE_VERSION |
| CVE-2017-12158 | It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. | 3.4.0.CR1, 3.3.0.CR2, 3.2.1.Final, 3.3.0.CR1, 3.2.0.CR1, 3.2.0.Final, 3.1.0.Final, 3.1.0.CR1 (Show all) | Patch → NO_SAFE_VERSION |
Instantly see if these Keycloak vulnerabilities affect your code.
Dependencies
Packages using versions of Keycloak affected by its vulnerabilities
| Dependent Packages |
|---|
| com.thoughtworks.xstream:xstream:${xstream.version} |
| org.yaml:snakeyaml:${org.yaml.snakeyaml.version} |
| org.apache.sshd:sshd-common:${org.apache.sshd.version} |
| org.snakeyaml:snakeyaml-engine:${org.snakeyaml.snakeyaml-engine.version} |
| com.squareup.okhttp3:okhttp:${okhttp.version} |
| com.squareup.okhttp3:logging-interceptor:${okhttp.version} |
| org.jboss:jboss-dmr:${jboss.dmr.version} |
| com.sun.istack:istack-commons-runtime:${sun.istack.version} |
| com.sun.istack:istack-commons-tools:${sun.istack.version} |
| javax.xml.bind:jaxb-api:${javax.xml.bind.jaxb.version} |
| com.sun.xml.ws:rt:${sun.xml.ws.version} |
| com.sun.xml.bind.external:rngom:${sun.xml.bind.version} |
| com.sun.activation:jakarta.activation:${sun.activation.version} |
| org.glassfish.jaxb:xsom:${org.glassfish.jaxb.xsom.version} |
| org.bouncycastle:bcprov-jdk15on:${bouncycastle.version} |
| org.bouncycastle:bcpkix-jdk15on:${bouncycastle.version} |
| org.bouncycastle:bc-fips:${bouncycastle.fips.version} |
| org.bouncycastle:bctls-fips:${bouncycastle.tlsfips.version} |
| org.bouncycastle:bcpkix-fips:${bouncycastle.pkixfips.version} |
| com.github.ua-parser:uap-java:${ua-parser.version} |
| com.sun.mail:jakarta.mail:${jakarta.mail.version} |
| org.jboss.spec.javax.transaction:jboss-transaction-api_1.3_spec:${jboss-transaction-api_1.3_spec} |
| org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_2.1_spec:${jboss-jaxrs-api_2.1_spec} |
| org.jboss.resteasy:resteasy-core:${resteasy.version} |
| org.jboss.resteasy:resteasy-multipart-provider:${resteasy.version} |
| org.jboss.resteasy:resteasy-jackson2-provider:${resteasy.version} |
| org.jboss.resteasy:resteasy-jaxb-provider:${resteasy.version} |
| org.jboss.resteasy:resteasy-client:${resteasy.version} |
| org.jboss.resteasy:resteasy-undertow:${resteasy.undertow.version} |
| org.jboss.spec.javax.xml.bind:jboss-jaxb-api_2.3_spec:${jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec.version} |
| org.jboss.spec.javax.servlet.jsp:jboss-jsp-api_2.3_spec:${jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec.version} |
| org.keycloak:keycloak-wildfly-adapter-subsystem:${project.version} |
| io.undertow:undertow-servlet:${undertow.version} |
| io.undertow:undertow-core:${undertow.version} |
| com.fasterxml.jackson.core:jackson-core:${jackson.version} |
| com.fasterxml.jackson.core:jackson-databind:${jackson.databind.version} |
| com.fasterxml.jackson.core:jackson-annotations:${jackson.version} |
| com.fasterxml.jackson.module:jackson-module-jaxb-annotations:${jackson.version} |
| com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${jackson.version} |
| com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider:${jackson.version} |
| com.fasterxml.jackson.jaxrs:jackson-jaxrs-base:${jackson.version} |
| org.jboss.spec.javax.servlet:jboss-servlet-api_3.0_spec:${servlet.api.30.version} |
| org.jboss.spec.javax.servlet:jboss-servlet-api_4.0_spec:${servlet.api.40.version} |
| org.picketlink:picketlink-wildfly-common:${picketlink.version} |
| org.jboss.logging:jboss-logging:${jboss.logging.version} |
| org.jboss.logging:jboss-logging-annotations:${jboss.logging.tools.version} |
| org.jboss.logging:jboss-logging-processor:${jboss.logging.tools.version} |
| log4j:log4j:${log4j.version} |
| com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:${owasp.html.sanitizer.version} |
| junit:junit:${junit.version} |
| org.hamcrest:hamcrest:${hamcrest.version} |
| jakarta.persistence:jakarta.persistence-api:${jakarta.persistence.version} |
| jakarta.servlet:jakarta.servlet-api:${jakarta.servlet.jakarta-servlet-api.version} |
| com.h2database:h2:${h2.version} |
| org.hibernate:hibernate-core:${hibernate-orm.version} |
| org.hibernate:hibernate-c3p0:${hibernate.c3p0.version} |
| org.freemarker:freemarker:${freemarker.version} |
| org.apache.santuario:xmlsec:${xmlsec.version} |
| org.wildfly:wildfly-dist:${wildfly.version} |
| org.openjdk.nashorn:nashorn-core:${nashorn.version} |
| org.twitter4j:twitter4j-core:${twitter4j.version} |
| com.google.zxing:core:${google.zxing.version} |
| com.google.zxing:javase:${google.zxing.version} |
| com.google.guava:guava:${google.guava.version} |
| com.icegreen:greenmail:${greenmail.version} |
| org.subethamail:subethasmtp:${subethasmtp.version} |
| org.apache.directory.server:apacheds-core:${apacheds.version} |
| org.apache.directory.server:apacheds-core-api:${apacheds.version} |
| org.apache.directory.server:apacheds-core-annotations:${apacheds.version} |
| org.apache.directory.server:apacheds-interceptor-kerberos:${apacheds.version} |
| org.apache.directory.server:apacheds-server-annotations:${apacheds.version} |
| org.apache.directory.api:api-ldap-codec-standalone:${apacheds.codec.version} |
| org.seleniumhq.selenium:selenium-java:${selenium.version} |
| org.seleniumhq.selenium:selenium-chrome-driver:${selenium.version} |
| org.apache.jmeter:ApacheJMeter_java:${jmeter.version} |
| org.dom4j:dom4j:${dom4j.version} |
| xml-apis:xml-apis:${xml-apis.version} |
| org.slf4j:slf4j-api:${slf4j-api.version} |
| org.slf4j:slf4j-log4j12:${slf4j.version} |
| mysql:mysql-connector-java:${mysql-jdbc.version} |
| org.apache.httpcomponents:httpclient:${apache.httpcomponents.version} |
| org.apache.httpcomponents:httpcore:${apache.httpcomponents.httpcore.version} |
| org.apache.httpcomponents:httpmime:${apache.httpcomponents.version} |
| org.wildfly.core:wildfly-controller:${wildfly.core.version} |
| org.wildfly.core:wildfly-server:${wildfly.core.version} |
| org.wildfly:wildfly-ee:${wildfly.version} |
| org.wildfly:wildfly-galleon-pack:${wildfly.version} |
| org.wildfly:wildfly-galleon-pack:${wildfly.version} |
| ${ee.maven.groupId}:wildfly-ee-galleon-pack:${wildfly.version} |
| ${ee.maven.groupId}:wildfly-servlet-galleon-pack:${ee.maven.version} |
| org.wildfly:wildfly-web-feature-pack:${wildfly.version} |
| org.wildfly.core:wildfly-subsystem-test:${wildfly.core.version} |
| org.wildfly:wildfly-undertow:${wildfly.version} |
| org.wildfly.core:wildfly-subsystem-test-framework:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-feature-pack-common:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-feature-pack-ee-8-api:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-feature-pack-galleon-common:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-feature-pack-galleon-pruned:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-feature-pack:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-feature-pack:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-galleon-pack:${wildfly.core.version} |
| org.wildfly.core:wildfly-core-galleon-pack:${wildfly.core.version} |
| org.wildfly.core:wildfly-version:${wildfly.core.version} |
| org.wildfly:wildfly-web-common:${wildfly.version} |
| org.wildfly:wildfly-clustering-infinispan-marshalling:${wildfly.version} |
| org.wildfly.security:wildfly-elytron:${wildfly-elytron.version} |
| org.wildfly.common:wildfly-common:${wildfly.common.version} |
| org.wildfly.security.elytron-web:undertow-server:${elytron.undertow-server.version} |
| org.infinispan:infinispan-core:${infinispan.version} |
| org.infinispan:infinispan-cachestore-remote:${infinispan.version} |
| org.infinispan:infinispan-jboss-marshalling:${infinispan.version} |
| org.infinispan:infinispan-server-core:${infinispan.version} |
| org.infinispan:infinispan-server-router:${infinispan.version} |
| org.infinispan:infinispan-server-runtime:${infinispan.version} |
| org.infinispan:infinispan-server-rest:${infinispan.version} |
| org.infinispan:infinispan-api:${infinispan.version} |
| org.infinispan:infinispan-client-hotrod:${infinispan.version} |
| org.infinispan:infinispan-query-dsl:${infinispan.version} |
| org.infinispan:infinispan-remote-query-client:${infinispan.version} |
| org.infinispan:infinispan-component-annotations:${infinispan.version} |
| org.infinispan.protostream:protostream-processor:${infinispan.protostream.processor.version} |
| org.jboss.marshalling:jboss-marshalling:${jboss.marshalling.version} |
| org.jboss.marshalling:jboss-marshalling-river:${jboss.marshalling.version} |
| org.liquibase:liquibase-core:${liquibase.version} |
| org.osgi:org.osgi.core:${osgi.version} |
| org.osgi:org.osgi.enterprise:${osgi.version} |
| org.ops4j.pax.web:pax-web-runtime:${pax.web.version} |
| org.ops4j.pax.web:pax-web-api:${pax.web.version} |
| org.ops4j.pax.web:pax-web-spi:${pax.web.version} |
| org.jboss.aesh:aesh:${jboss.aesh.version} |
| org.aesh:aesh:${aesh.version} |
| org.keycloak:keycloak-client-registration-api:${project.version} |
| org.keycloak:keycloak-common:${project.version} |
| org.keycloak:keycloak-core:${project.version} |
| org.keycloak:keycloak-core:${project.version} |
| org.keycloak:keycloak-config-api:${project.version} |
| org.keycloak:keycloak-client-api:${project.version} |
| org.keycloak:keycloak-kerberos-federation:${project.version} |
| org.keycloak:keycloak-sssd-federation:${project.version} |
| net.java.dev.jna:jna:${jna.version} |
| org.keycloak:keycloak-ldap-federation:${project.version} |
| org.keycloak:keycloak-dependencies-server-min:${project.version} |
| org.keycloak:keycloak-dependencies-server-all:${project.version} |
| org.keycloak:keycloak-themes:${project.version} |
| org.keycloak:keycloak-adapter-spi:${project.version} |
| org.keycloak:keycloak-servlet-adapter-spi:${project.version} |
| org.keycloak:keycloak-jakarta-servlet-adapter-spi:${project.version} |
| org.keycloak:keycloak-adapter-core:${project.version} |
| org.keycloak:keycloak-admin-client:${project.version} |
| org.keycloak:keycloak-as7-adapter:${project.version} |
| org.keycloak:keycloak-as7-adapter-spi:${project.version} |
| org.keycloak:keycloak-installed-adapter:${project.version} |
| org.keycloak:keycloak-jaxrs-oauth-client:${project.version} |
| org.keycloak:keycloak-jboss-adapter-core:${project.version} |
| org.keycloak:keycloak-jetty-adapter-spi:${project.version} |
| org.keycloak:keycloak-jetty-core:${project.version} |
| org.keycloak:keycloak-jetty94-adapter:${project.version} |
| org.keycloak:keycloak-as7-subsystem:${project.version} |
| org.keycloak:keycloak-wildfly-subsystem:${project.version} |
| org.keycloak:keycloak-wildfly-server-subsystem:${project.version} |
| org.keycloak:keycloak-subsystem:${project.version} |
| org.keycloak:keycloak-js-adapter-jar:${project.version} |
| org.keycloak:keycloak-spring-boot-adapter-core:${project.version} |
| org.keycloak:keycloak-spring-boot-2-adapter:${project.version} |
| org.keycloak:keycloak-tomcat-adapter-spi:${project.version} |
| org.keycloak:keycloak-tomcat-core-adapter:${project.version} |
| org.keycloak:keycloak-saml-servlet-filter-adapter:${project.version} |
| org.keycloak:keycloak-saml-jakarta-servlet-filter-adapter:${project.version} |
| org.keycloak:keycloak-servlet-filter-adapter:${project.version} |
| org.keycloak:keycloak-jakarta-servlet-filter-adapter:${project.version} |
| org.keycloak:keycloak-saml-as7-adapter:${project.version} |
| org.keycloak:keycloak-saml-as7-subsystem:${project.version} |
| org.keycloak:keycloak-saml-tomcat-adapter:${project.version} |
| org.keycloak:keycloak-tomcat-adapter:${project.version} |
| org.keycloak:keycloak-undertow-adapter-spi:${project.version} |
| org.keycloak:keycloak-undertow-adapter:${project.version} |
| org.keycloak:keycloak-wildfly-elytron-oidc-adapter:${project.version} |
| org.keycloak:keycloak-saml-wildfly-elytron-adapter:${project.version} |
| org.keycloak:keycloak-saml-wildfly-elytron-jakarta-adapter:${project.version} |
| org.keycloak:keycloak-wildfly-adduser:${project.version} |
| org.keycloak:keycloak-wildfly-extensions:${project.version} |
| org.keycloak:keycloak-server-spi:${project.version} |
| org.keycloak:keycloak-server-spi-private:${project.version} |
| org.keycloak:keycloak-model-jpa:${project.version} |
| org.keycloak:keycloak-model-legacy:${project.version} |
| org.keycloak:keycloak-model-legacy-private:${project.version} |
| org.keycloak:keycloak-model-legacy-services:${project.version} |
| org.keycloak:keycloak-model-map:${project.version} |
| org.keycloak:keycloak-model-map-jpa:${project.version} |
| org.keycloak:keycloak-model-map-ldap:${project.version} |
| org.keycloak:keycloak-model-infinispan:${project.version} |
| org.keycloak:keycloak-model-map-hot-rod:${project.version} |
| org.keycloak:keycloak-model-map-file:${project.version} |
| org.keycloak:launcher:${project.version} |
| org.keycloak:keycloak-saml-core:${project.version} |
| org.keycloak:keycloak-saml-core-public:${project.version} |
| org.keycloak:keycloak-saml-adapter-api-public:${project.version} |
| org.keycloak:keycloak-saml-adapter-core:${project.version} |
| org.keycloak:keycloak-saml-tomcat-adapter-core:${project.version} |
| org.keycloak:keycloak-saml-jetty-adapter-core:${project.version} |
| org.keycloak:keycloak-saml-wildfly-subsystem:${project.version} |
| org.keycloak:keycloak-saml-wildfly-jakarta-subsystem:${project.version} |
| org.keycloak:keycloak-saml-jetty94-adapter:${project.version} |
| org.keycloak:keycloak-saml-undertow-adapter:${project.version} |
| org.keycloak:keycloak-services:${project.version} |
| org.keycloak:keycloak-authz-client:${project.version} |
| org.keycloak:keycloak-authz-policy-common:${project.version} |
| org.keycloak:keycloak-policy-enforcer:${project.version} |
| org.keycloak:keycloak-quarkus-server:${project.version} |
| org.keycloak:keycloak-quarkus-server-deployment:${project.version} |
| org.keycloak:keycloak-quarkus-server-app:${project.version} |
| org.keycloak:keycloak-junit5:${project.version} |
| org.keycloak:keycloak-account-ui:${project.version} |
| org.keycloak:keycloak-admin-ui:${project.version} |
| org.keycloak:keycloak-rest-admin-ui-ext:${project.version} |
| com.openshift:openshift-restclient-java:${version.com.openshift.openshift-restclient-java} |
| org.keycloak:keycloak-saml-as7-modules:${project.version} |
| org.keycloak:keycloak-as7-modules:${project.version} |
| org.keycloak:keycloak-wildfly-modules:${project.version} |
| org.keycloak:keycloak-saml-wildfly-modules:${project.version} |
| org.keycloak:keycloak-saml-wildfly-jakarta-modules:${project.version} |
| org.keycloak:keycloak-fuse-adapter-dist:${project.version} |
| org.keycloak:keycloak-fuse-adapter-dist:${project.version} |
| org.keycloak:keycloak-wildfly-adapter-dist:${project.version} |
| org.keycloak:keycloak-saml-wildfly-adapter-dist:${project.version} |
| org.keycloak:keycloak-server-overlay:${project.version} |
| org.keycloak:keycloak-server-dist:${project.version} |
| org.keycloak:keycloak-quarkus-dist:${project.version} |
| org.keycloak:keycloak-demo-dist:${project.version} |
| org.keycloak:keycloak-util-embedded-ldap:${project.version} |
| org.keycloak:keycloak-api-docs-dist:${project.version} |
| org.keycloak:keycloak-tomcat-adapter-dist:${project.version} |
| org.keycloak:keycloak-jetty94-adapter-dist:${project.version} |
| org.keycloak:keycloak-as7-adapter-dist:${project.version} |
| org.keycloak:keycloak-server-feature-pack:${project.version} |
| org.keycloak:keycloak-adapter-feature-pack:${project.version} |
| org.keycloak:keycloak-saml-tomcat-adapter-dist:${project.version} |
| org.keycloak:keycloak-saml-jetty94-adapter-dist:${project.version} |
| org.keycloak:keycloak-saml-as7-adapter-dist:${project.version} |
| org.keycloak:keycloak-testsuite-utils:${project.version} |
| org.keycloak:keycloak-testsuite-tools:${project.version} |
| org.keycloak:keycloak-testsuite-tools:${project.version} |
| org.keycloak.example.demo:cxf-jaxws-example:${project.version} |
| org.keycloak.example.demo:customer-portal-example:${project.version} |
| org.keycloak.example.demo:product-portal-example:${project.version} |
| org.keycloak:keycloak-client-registration-cli:${project.version} |
| org.keycloak:keycloak-crypto-default:${project.version} |
| org.keycloak:keycloak-crypto-fips1402:${project.version} |
| org.keycloak:keycloak-crypto-elytron:${project.version} |
| org.keycloak:keycloak-admin-cli:${project.version} |
| org.keycloak:keycloak-client-cli-dist:${project.version} |
| com.webauthn4j:webauthn4j-core:${webauthn4j.version} |
| com.webauthn4j:webauthn4j-util:${webauthn4j.version} |
| org.apache.kerby:kerby-asn1:${org.apache.kerby.kerby-asn1.version} |
| com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:${jackson.version} |
| commons-lang:commons-lang:${commons-lang.version} |
| org.apache.commons:commons-lang3:${commons-lang3.version} |
| commons-io:commons-io:${commons-io.version} |
| com.github.javaparser:javaparser-core:${javaparser.version} |
| org.eclipse.microprofile.metrics:microprofile-metrics-api:${microprofile-metrics-api.version} |
| org.keycloak:keycloak-server-galleon-pack:${project.version} |
| org.keycloak:keycloak-server-galleon-pack:${project.version} |
| org.wildfly.galleon-plugins:wildfly-galleon-plugins:${org.wildfly.galleon-plugins.version} |
| org.wildfly.galleon-plugins:wildfly-config-gen:${org.wildfly.galleon-plugins.version} |
| org.wildfly.galleon-plugins:transformer:${org.wildfly.galleon-plugins.version} |
| org.wildfly.core:wildfly-embedded:${wildfly.core.version} |
| org.wildfly.common:wildfly-common:${wildfly.common.version} |