We are using keycloak-admin dependency and resteasy for the integration with keycloak on a open source project. But any version of keycloak-admin is not compatible with the version 4.5.7 of resteasy and older versions of reasteasy have a vulnerability, Generation of Error Message Containing Sensitive Information in RESTEasy client · CVE-2020-25633 · GitHub Advisory Database · GitHub. Is there a plan to upgrade resteasy on keycloak?
Related Topics
Topic | Replies | Views | Activity | |
---|---|---|---|---|
Keycloak-admin-client in javax.ws.rs 1.x environment | 3 | 1103 | January 24, 2022 | |
Using keycloak-admin-client within a Keycloak extension | 5 | 1250 | July 15, 2022 | |
How to use a rest-client in keycloak 19 authenticators/required actions (Migration issue from v15) | 1 | 883 | April 3, 2024 | |
Keycloak-admin-client with jakarta support | 6 | 2713 | June 14, 2023 | |
Apache Commons-codec module with vulnerability is being pulled in latest Keycloak admin client | 0 | 371 | March 9, 2022 |