pkg:maven/org.opencastproject/opencast-kernel
Type
maven
Namespace
org.opencastproject
Name
opencast-kernel
Known advisories, vulnerabilities and fixes for org.opencastproject/opencast-kernel package.
Critical
1
High
2
Moderate
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 8.0, < 8.9 < 7.9 |
CVE-2020-26234
|
MAVEN:GHSA-44CW-P2HM-GPF6 | Disabled Hostname Verification in Opencast | high |
2020-12-08T22:37:59
(3 years ago) |
|
Fixed | = 8.9 = 7.9 |
CVE-2020-26234
|
MAVEN:GHSA-44CW-P2HM-GPF6 | Disabled Hostname Verification in Opencast | high |
2020-12-08T22:37:59
(3 years ago) |
|
Affected | >= 8.0, < 8.1 < 7.6 |
CVE-2020-5231
|
MAVEN:GHSA-94QW-R73X-J7HG | Users with ROLE_COURSE_ADMIN can create new users in Opencast | moderate |
2020-01-30T21:21:37
(4 years ago) |
|
Fixed | = 8.1 = 7.6 |
CVE-2020-5231
|
MAVEN:GHSA-94QW-R73X-J7HG | Users with ROLE_COURSE_ADMIN can create new users in Opencast | moderate |
2020-01-30T21:21:37
(4 years ago) |
|
Affected | < 9.6 |
CVE-2021-32623
|
MAVEN:GHSA-9GWX-9CWP-5C2M | Billion laughs attack (XML bomb) | high |
2021-06-17T20:11:35
(3 years ago) |
|
Fixed | = 9.6 |
CVE-2021-32623
|
MAVEN:GHSA-9GWX-9CWP-5C2M | Billion laughs attack (XML bomb) | high |
2021-06-17T20:11:35
(3 years ago) |
|
Affected | < 2.2.4 |
CVE-2017-1000221
|
MAVEN:GHSA-HX44-C87V-P6XG | Opencast has Incorrect Permission Assignment | moderate |
2022-05-13T01:40:59
(2 years ago) |
|
Fixed | = 2.2.4 |
CVE-2017-1000221
|
MAVEN:GHSA-HX44-C87V-P6XG | Opencast has Incorrect Permission Assignment | moderate |
2022-05-13T01:40:59
(2 years ago) |
|
Affected | >= 8.0, < 8.1 < 7.6 |
CVE-2020-5222
|
MAVEN:GHSA-MH8G-HPRG-8363 | Hard-Coded Key Used For Remember-me Token in Opencast | moderate |
2020-01-30T21:21:44
(4 years ago) |
|
Fixed | = 8.1 = 7.6 |
CVE-2020-5222
|
MAVEN:GHSA-MH8G-HPRG-8363 | Hard-Coded Key Used For Remember-me Token in Opencast | moderate |
2020-01-30T21:21:44
(4 years ago) |
|
Affected | >= 8.0, < 8.1 < 7.6 |
CVE-2020-5206
|
MAVEN:GHSA-VMM6-W4CF-7F3X | Authentication Bypass For Endpoints With Anonymous Access in Opencast | critical |
2020-01-30T21:21:30
(4 years ago) |
|
Fixed | = 8.1 = 7.6 |
CVE-2020-5206
|
MAVEN:GHSA-VMM6-W4CF-7F3X | Authentication Bypass For Endpoints With Anonymous Access in Opencast | critical |
2020-01-30T21:21:30
(4 years ago) |