CVE-2020-14389 and KeyCloak 10.x

jangaraj February 1, 2021, 12:36pm 2

IMHO it won’t be backported. There is no concept of LTS releases for the Keycloak: LTS policy and supported versions, recommended versions - #3 by ieugen
So you have to use the latest release.

Topic		Replies	Views
CVE-2020-14302 and CVE-2020-10770 before Keycloak 13.0.0 Getting advice	3	982	March 17, 2021
CVE-2020-1714 remote code execution before Keycloak 11 Getting advice	5	2005	June 10, 2020
What is the impact of CVE-2020-36518 on Keycloak 15.1.1 Securing applications	1	564	May 5, 2022
Keycloak legacy V 18.0.0 CVE Vulnerability Getting advice oidc	0	378	December 3, 2022
Is Keycloak affected by CVE-2022-46364?	0	355	January 16, 2023