📂 Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Findings
| Finding |
Severity |
🎯 CVSS |
Exploit Maturity |
EPSS |
Library |
Type |
Fixed in |
Remediation Available |
Reachability |
| CVE-2017-2646 |
🔴 High |
8.7 |
Not Defined |
< 1% |
keycloak-saml-core-1.8.1.Final.jar |
Direct |
N/A |
❌ |
 Unreachable |
| CVE-2021-40690 |
🔴 High |
8.7 |
Not Defined |
< 1% |
xmlsec-1.5.1.jar |
Transitive |
N/A |
❌ |
Unreachable |
| CVE-2021-3827 |
🔴 High |
7.6 |
Not Defined |
< 1% |
keycloak-saml-core-1.8.1.Final.jar |
Direct |
org.keycloak:keycloak-saml-core:18.0.0 |
✅ |
|
| CVE-2017-2582 |
🔴 High |
7.1 |
Not Defined |
< 1% |
keycloak-saml-core-1.8.1.Final.jar |
Direct |
N/A |
❌ |
Unreachable |
| CVE-2023-44483 |
🔴 High |
7.1 |
Not Defined |
< 1% |
xmlsec-1.5.1.jar |
Transitive |
N/A |
❌ |
|
| CVE-2013-5823 |
🟠 Medium |
6.9 |
Not Defined |
5.1% |
xmlsec-1.5.1.jar |
Transitive |
N/A |
❌ |
|
| CVE-2013-2172 |
🟠 Medium |
6.3 |
Not Defined |
5.4% |
xmlsec-1.5.1.jar |
Transitive |
N/A |
❌ |
Unreachable |
| CVE-2013-4517 |
🟠 Medium |
6.3 |
Not Defined |
14.599999% |
xmlsec-1.5.1.jar |
Transitive |
N/A |
❌ |
Unreachable |
Details
🔴CVE-2017-2646
Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Dependency Hierarchy:
- ❌ keycloak-saml-core-1.8.1.Final.jar (Vulnerable Library)
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks.
Publish Date: Jul 27, 2018 06:00 PM
URL: CVE-2017-2646
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 8.7
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :
🔴CVE-2021-40690
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
- keycloak-saml-core-1.8.1.Final.jar (Root Library)
- ❌ xmlsec-1.5.1.jar (Vulnerable Library)
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
Publish Date: Sep 19, 2021 12:00 AM
URL: CVE-2021-40690
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 8.7
Suggested Fix
Type: Upgrade version
Origin: GHSA-j8wc-gxx9-82hx
Release Date: Sep 19, 2021 12:00 AM
Fix Resolution : org.apache.santuario:xmlsec:2.2.3,org.apache.santuario:xmlsec:2.1.7
🔴CVE-2021-3827
Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Dependency Hierarchy:
- ❌ keycloak-saml-core-1.8.1.Final.jar (Vulnerable Library)
Vulnerability Details
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity.
Publish Date: Aug 23, 2022 03:52 PM
URL: CVE-2021-3827
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 7.6
Suggested Fix
Type: Upgrade version
Origin: GHSA-4pc7-vqv5-5r3v
Release Date: Aug 23, 2022 03:52 PM
Fix Resolution : org.keycloak:keycloak-saml-core:18.0.0
🔴CVE-2017-2582
Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Dependency Hierarchy:
- ❌ keycloak-saml-core-1.8.1.Final.jar (Vulnerable Library)
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
Publish Date: Jul 26, 2018 05:00 PM
URL: CVE-2017-2582
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 7.1
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :
🔴CVE-2023-44483
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
- keycloak-saml-core-1.8.1.Final.jar (Root Library)
- ❌ xmlsec-1.5.1.jar (Vulnerable Library)
Vulnerability Details
All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.
Publish Date: Oct 20, 2023 09:23 AM
URL: CVE-2023-44483
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 7.1
Suggested Fix
Type: Upgrade version
Origin: GHSA-xfrj-6vvc-3xm2
Release Date: Oct 20, 2023 09:23 AM
Fix Resolution : org.apache.santuario:xmlsec:2.3.4,org.apache.santuario:xmlsec:2.2.6,org.apache.santuario:xmlsec:3.0.3
🟠CVE-2013-5823
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
- keycloak-saml-core-1.8.1.Final.jar (Root Library)
- ❌ xmlsec-1.5.1.jar (Vulnerable Library)
Vulnerability Details
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Publish Date: Oct 16, 2013 05:31 PM
URL: CVE-2013-5823
Threat Assessment
Exploit Maturity:Not Defined
EPSS:5.1%
Score: 6.9
Suggested Fix
Type: Upgrade version
Origin: GHSA-8gwc-x7mg-7p7p
Release Date: Oct 16, 2013 05:31 PM
Fix Resolution : org.apache.santuario:xmlsec:1.4.8,org.apache.santuario:xmlsec:1.5.3
🟠CVE-2013-2172
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
- keycloak-saml-core-1.8.1.Final.jar (Root Library)
- ❌ xmlsec-1.5.1.jar (Vulnerable Library)
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."
Publish Date: Aug 20, 2013 10:00 PM
URL: CVE-2013-2172
Threat Assessment
Exploit Maturity:Not Defined
EPSS:5.4%
Score: 6.3
Suggested Fix
Type: Upgrade version
Origin: GHSA-r237-w2w6-jq3p
Release Date: Aug 20, 2013 10:00 PM
Fix Resolution : org.apache.santuario:xmlsec:1.5.5,org.apache.santuario:xmlsec:1.4.8
🟠CVE-2013-4517
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
- keycloak-saml-core-1.8.1.Final.jar (Root Library)
- ❌ xmlsec-1.5.1.jar (Vulnerable Library)
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Publish Date: Jan 11, 2014 01:00 AM
URL: CVE-2013-4517
Threat Assessment
Exploit Maturity:Not Defined
EPSS:14.599999%
Score: 6.3
Suggested Fix
Type: Upgrade version
Origin: GHSA-4p4w-6h54-g885
Release Date: Jan 11, 2014 01:00 AM
Fix Resolution : org.apache.santuario:xmlsec:1.5.6
📂 Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Findings
Details
🔴CVE-2017-2646
Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Dependency Hierarchy:
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks.
Publish Date: Jul 27, 2018 06:00 PM
URL: CVE-2017-2646
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 8.7
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :
🔴CVE-2021-40690
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
Publish Date: Sep 19, 2021 12:00 AM
URL: CVE-2021-40690
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 8.7
Suggested Fix
Type: Upgrade version
Origin: GHSA-j8wc-gxx9-82hx
Release Date: Sep 19, 2021 12:00 AM
Fix Resolution : org.apache.santuario:xmlsec:2.2.3,org.apache.santuario:xmlsec:2.1.7
🔴CVE-2021-3827
Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Dependency Hierarchy:
Vulnerability Details
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity.
Publish Date: Aug 23, 2022 03:52 PM
URL: CVE-2021-3827
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 7.6
Suggested Fix
Type: Upgrade version
Origin: GHSA-4pc7-vqv5-5r3v
Release Date: Aug 23, 2022 03:52 PM
Fix Resolution : org.keycloak:keycloak-saml-core:18.0.0
🔴CVE-2017-2582
Vulnerable Library - keycloak-saml-core-1.8.1.Final.jar
Keycloak SSO
Library home page: http://www.jboss.org
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/keycloak/keycloak-saml-core/1.8.1.Final/keycloak-saml-core-1.8.1.Final.jar
Dependency Hierarchy:
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
Publish Date: Jul 26, 2018 05:00 PM
URL: CVE-2017-2582
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 7.1
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :
🔴CVE-2023-44483
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
Vulnerability Details
All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.
Publish Date: Oct 20, 2023 09:23 AM
URL: CVE-2023-44483
Threat Assessment
Exploit Maturity:Not Defined
EPSS:< 1%
Score: 7.1
Suggested Fix
Type: Upgrade version
Origin: GHSA-xfrj-6vvc-3xm2
Release Date: Oct 20, 2023 09:23 AM
Fix Resolution : org.apache.santuario:xmlsec:2.3.4,org.apache.santuario:xmlsec:2.2.6,org.apache.santuario:xmlsec:3.0.3
🟠CVE-2013-5823
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
Vulnerability Details
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Publish Date: Oct 16, 2013 05:31 PM
URL: CVE-2013-5823
Threat Assessment
Exploit Maturity:Not Defined
EPSS:5.1%
Score: 6.9
Suggested Fix
Type: Upgrade version
Origin: GHSA-8gwc-x7mg-7p7p
Release Date: Oct 16, 2013 05:31 PM
Fix Resolution : org.apache.santuario:xmlsec:1.4.8,org.apache.santuario:xmlsec:1.5.3
🟠CVE-2013-2172
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."
Publish Date: Aug 20, 2013 10:00 PM
URL: CVE-2013-2172
Threat Assessment
Exploit Maturity:Not Defined
EPSS:5.4%
Score: 6.3
Suggested Fix
Type: Upgrade version
Origin: GHSA-r237-w2w6-jq3p
Release Date: Aug 20, 2013 10:00 PM
Fix Resolution : org.apache.santuario:xmlsec:1.5.5,org.apache.santuario:xmlsec:1.4.8
🟠CVE-2013-4517
Vulnerable Library - xmlsec-1.5.1.jar
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Library home page: http://www.apache.org/
Path to dependency file: /app/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.5.1/xmlsec-1.5.1.jar
Dependency Hierarchy:
Reachability Analysis
The vulnerable code is unreachable
Vulnerability Details
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Publish Date: Jan 11, 2014 01:00 AM
URL: CVE-2013-4517
Threat Assessment
Exploit Maturity:Not Defined
EPSS:14.599999%
Score: 6.3
Suggested Fix
Type: Upgrade version
Origin: GHSA-4p4w-6h54-g885
Release Date: Jan 11, 2014 01:00 AM
Fix Resolution : org.apache.santuario:xmlsec:1.5.6