1. Home
  2. Packages
  3. maven
  4. org.apache.syncope
  5. syncope

pkg:maven/org.apache.syncope/syncope

Type maven
Namespace org.apache.syncope
Name syncope

Known advisories, vulnerabilities and fixes for org.apache.syncope/syncope package.

Repository
https://mvnrepository.com/artifact/org.apache.syncope/syncope
High 1
Moderate 2
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected >= 1.1.0, < 1.1.8 CVE-2014-3503
maven MAVEN:GHSA-4C72-MRHF-23CG Apache Syncope uses a weak PNRG moderate 2022-05-14T02:52:41
(2 years ago)
Fixed = 1.1.8 CVE-2014-3503
maven MAVEN:GHSA-4C72-MRHF-23CG Apache Syncope uses a weak PNRG moderate 2022-05-14T02:52:41
(2 years ago)
Affected >= 2.1.0, < 2.1.7 CVE-2020-11977
maven MAVEN:GHSA-P2RP-CMJQ-R7WM Shell command injection in Apache Syncope high 2021-06-16T17:19:12
(3 years ago)
Fixed = 2.1.7 CVE-2020-11977
maven MAVEN:GHSA-P2RP-CMJQ-R7WM Shell command injection in Apache Syncope high 2021-06-16T17:19:12
(3 years ago)
Affected >= 1.1.0, < 1.1.7 >= 1.0.0, < 1.0.9 CVE-2014-0111
maven MAVEN:GHSA-R2XF-W5PJ-9PW8 Apache Syncope JEXL Code Injection moderate 2022-05-14T01:18:38
(2 years ago)
Fixed = 1.1.7 = 1.0.9 CVE-2014-0111
maven MAVEN:GHSA-R2XF-W5PJ-9PW8 Apache Syncope JEXL Code Injection moderate 2022-05-14T01:18:38
(2 years ago)