pkg:maven/org.opencrx/opencrx-client
Type
maven
Namespace
org.opencrx
Name
opencrx-client
Known advisories, vulnerabilities and fixes for org.opencrx/opencrx-client package.
Critical
1
Moderate
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 5.2.2 |
CVE-2022-40084
|
 MAVEN:GHSA-J5V3-363P-G843
|
OpenCRX vulnerable to password enumeration via error messages in password reset | moderate |
2022-10-20T19:00:30
(23 months ago) |
|
| Fixed | = 5.2.2 |
CVE-2022-40084
|
MAVEN:GHSA-J5V3-363P-G843
|
OpenCRX vulnerable to password enumeration via error messages in password reset | moderate |
2022-10-20T19:00:30
(23 months ago) |
|
| Affected | < 5.3.0 |
CVE-2023-46502
|
MAVEN:GHSA-Q74F-RF27-8HXC
|
OpenCRX allows a remote attacker to execute arbitrary code via a crafted request | critical |
2023-10-31T00:31:00
(10 months ago) |
|
| Fixed | = 5.3.0 |
CVE-2023-46502
|
MAVEN:GHSA-Q74F-RF27-8HXC
|
OpenCRX allows a remote attacker to execute arbitrary code via a crafted request | critical |
2023-10-31T00:31:00
(10 months ago) |
|
| Affected | >= 4.0.0, < 5.2.0 |
CVE-2021-25959
|
MAVEN:GHSA-RWH9-8XX8-4WFM
|
Cross-site Scripting in OpenCRX | moderate |
2021-09-30T20:50:21
(3 years ago) |
|
| Fixed | = 5.2.0 |
CVE-2021-25959
|
MAVEN:GHSA-RWH9-8XX8-4WFM
|
Cross-site Scripting in OpenCRX | moderate |
2021-09-30T20:50:21
(3 years ago) |