Is Spring Security Adapter affected by CVE-2023-20862?

OLibutzki · May 2, 2023, 8:36am

Hi everyone,

is the Keycloak Spring Security Adapter affected by CVE-2023-20862?

Maybe someone who is familiar with the implementation details can answer if any of the given prerequisites applies to the adapter.

Thanks!

Topic		Replies	Views
Security vulnerability CVE-2019-17359 in keycloak-spring-security-adapter 5.0.0, should I worry?	0	582	May 15, 2020
How does CVE-2020-14359 affect Keycloak and is there a cause for concern?	0	938	March 8, 2021
Is Keycloak affected by the Spring Core RCE vulnerability? Configuring the server	4	2035	April 1, 2022
Help to mitigate CVE-2021-20323 Keycloak XSS issue Securing applications	2	1626	November 15, 2022
Spring security adapter Securing applications	0	487	November 6, 2019