I decided to use one of the latest version of Keycloak either 12.0.1 or 12.0.2 for my project. How can I figure out that these versions are fixed also and is it even possible?
Does it mean that list of all CVEs mentioned in this #88 issue are fixed from version 12.0.1 up to 12.0.2 etc…?
Please, if some responsible person read this post, can you let me know, how I can figure out, if some specific CVE been patched also for specific version of Keycloak?
Because till now, nobody was able to answer me how I can identify if patch for unreleased version 13.0.0 is also backported into latest version 12.0.x.
Because of this we are thinking of upgrading to version 12.0.4, however even in that version the following are reported:
CVE-2020-10770
CVE-2020-14302
CVE-2020-1725
Does anyone know whether there is a chance these issues to be fixed in versions 11.x or 12.x ?