pkg:maven/org.apache.syncope/syncope
Type
maven
Namespace
org.apache.syncope
Name
syncope
Known advisories, vulnerabilities and fixes for org.apache.syncope/syncope package.
High
1
Moderate
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 1.1.0, < 1.1.8 |
CVE-2014-3503
|
MAVEN:GHSA-4C72-MRHF-23CG | Apache Syncope uses a weak PNRG | moderate |
2022-05-14T02:52:41
(2 years ago) |
|
Fixed | = 1.1.8 |
CVE-2014-3503
|
MAVEN:GHSA-4C72-MRHF-23CG | Apache Syncope uses a weak PNRG | moderate |
2022-05-14T02:52:41
(2 years ago) |
|
Affected | >= 2.1.0, < 2.1.7 |
CVE-2020-11977
|
MAVEN:GHSA-P2RP-CMJQ-R7WM | Shell command injection in Apache Syncope | high |
2021-06-16T17:19:12
(3 years ago) |
|
Fixed | = 2.1.7 |
CVE-2020-11977
|
MAVEN:GHSA-P2RP-CMJQ-R7WM | Shell command injection in Apache Syncope | high |
2021-06-16T17:19:12
(3 years ago) |
|
Affected | >= 1.1.0, < 1.1.7 >= 1.0.0, < 1.0.9 |
CVE-2014-0111
|
MAVEN:GHSA-R2XF-W5PJ-9PW8 | Apache Syncope JEXL Code Injection | moderate |
2022-05-14T01:18:38
(2 years ago) |
|
Fixed | = 1.1.7 = 1.0.9 |
CVE-2014-0111
|
MAVEN:GHSA-R2XF-W5PJ-9PW8 | Apache Syncope JEXL Code Injection | moderate |
2022-05-14T01:18:38
(2 years ago) |