Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.8 views

org.apache.syncope.core:syncope-core-self-keymaster-starter (>=3.0.0 <=3.0.14) potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-starter (>=3.0.0-M0 <=3.0.14)

org.apache.syncope.core:syncope-core-starter MAVEN version =3.0.0-M0, =3.0.0, =3.0.14 Source cves: CVE-2025-65998 Source advisory: SNYK:JAVA-ORGAPACHESYNCOPECORE-14105145...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.9 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.2), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.2) +13 more potentially affected by CVE-2025-65998 via org.apache.syncope.core.idrepo:syncope-core-idrepo-logic (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core.idrepo:syncope-core-idrepo-logic MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2 Source cves: CVE-2025-65998https://vulners.com/cve/CVE...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.7 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.14), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.14) +14 more potentially affected by CVE-2025-65998 via org.apache.syncope.core.idrepo:syncope-core-idrepo-logic (>=3.0.0-M0 <=3.0.14)

org.apache.syncope.core.idrepo:syncope-core-idrepo-logic MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.10, =3.0.0, =3.0.0, =3.0.14 and more Sourc...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.2), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.2) +18 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-provisioning-java (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core:syncope-core-provisioning-java MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2 and more Source cves: CVE-2...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.2), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.2) +33 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-spring (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core:syncope-core-spring MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2 and more Source cves: CVE-2025-65998 Source advisory: SNYK:JA...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.16 views

org.apache.syncope.core:syncope-core-persistence-jpa-json (>=3.0.0 <=3.0.14), org.apache.syncope.core:syncope-core-self-keymaster-starter (>=3.0.0 <=3.0.14) +6 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-persistence-jpa (>=3.0.0-M0 <=3.0.14)

org.apache.syncope.core:syncope-core-persistence-jpa MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.10, =3.0.0, =3.0.14 Source cves: CVE-2025-65998 Source advisory: SNYK:JAVA-ORGAPACHESYNCOPECORE-14105148...

7.5CVSS6AI score0.00448EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/11/24 1:47 p.m.1 views

CVE-2025-65998 Apache Syncope: Default AES key used for internal password encryption

Apache Syncope can be configured to store the user password values in the internal database with AES encryption, though this is not the default option. When AES is configured, the default key value, hard-coded in the source code, is always used. This allows a malicious attacker, once obtained...

6.4AI score0.00448EPSS
Exploits0References1
Circl
Circl
added 2025/11/24 11:38 a.m.5 views

CVE-2025-65998

creationtimestamp| type| source ---|---|--- 2025-11-24 11:38:00+00:00| seen| https://seclists.org/oss-sec/2025/q4/205 2025-11-24 13:14:04+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m6evrxmkvr2i 2025-11-24 15:15:21+00:00| seen|...

7.5CVSS5.7AI score0.00448EPSS
Exploits0References5
Rows per page
Query Builder