5 matches found
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-bedrockagent-fips, crossplane-provider-aws-efs-fips, cert-manager, gomplate, crossplane-provider-azure-operationsmanagement, crossplane-provider-aws-firehose-fips, frankenphp-8.2, crossplane-provider-aws-rds-fips,...
Insufficiently Protected Credentials
Overview org.opencastproject:opencast-ingest-service-impl is a free and open source solution for automated video capture and distribution at scale. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the process of fetching MediaPackage elements included i...
Insufficiently Protected Credentials
Overview org.opencastproject:opencast-kernel is a free and open source solution for automated video capture and distribution at scale. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the process of fetching MediaPackage elements included in a...
CVE-2025-54380 Opencast still publishes global system account credentials
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass...
GHSA-J63H-HMGW-X4J7 Opencast still publishes global system account credentials
Description Opencast prior to versions 17.6 would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass when attempting to fetch mediapackage elements included in a mediapackage XML file. A previous...