org.keycloak:keycloak-model-jpa (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.keycloak:keycloak-model-jpa, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2023-6563 — CVSS 7.7 (high): An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of…
CVE-2019-14832 — CVSS 7.5 (high): A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured…
CVE-2026-3190 — CVSS 4.3 (medium): A flaw was found in Keycloak. The User-Managed Access (UMA) 2.0 Protection API endpoint for permission tickets fails to enforce the…