Lucene search
K

33 matches found

vulnersOsv
vulnersOsv
added 2026/05/25 5:0 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=4.0.5), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=4.0.5) +38 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (>=3.0.0-M1 <=4.0.5)

org.apache.syncope.core:syncope-core-spring MAVEN version =3.0.0-M1, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.2, =4.0.0, =3.0.0, =3.0.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.5 and more Source cves: CVE-2026-42782 Source advisory: SNYK:JAV...

7.2CVSS5.4AI score0.00652EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/25 5:0 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (=4.1.0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (=4.1.0) +33 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (=4.1.0)

org.apache.syncope.core:syncope-core-spring MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.syncope.core:syncope-core-spring and may be impacted: - org.apache.syncope.core.am:syncope-core-am-logic =4.1.0 -...

7.2CVSS5.4AI score0.00652EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/25 4:59 p.m.7 views

org.apache.syncope.core.am:syncope-core-am-logic (=4.1.0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (=4.1.0) +36 more potentially affected by CVE-2026-42797 via org.apache.syncope.core:syncope-core-provisioning-api (=4.1.0)

org.apache.syncope.core:syncope-core-provisioning-api MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.syncope.core:syncope-core-provisioning-api and may be impacted: - org.apache.syncope.core.am:syncope-core-am-logic...

4.9CVSS5.5AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/25 4:59 p.m.7 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=4.0.5), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=4.0.5) +41 more potentially affected by CVE-2026-42797 via org.apache.syncope.core:syncope-core-provisioning-api (>=3.0.0 <=4.0.5)

org.apache.syncope.core:syncope-core-provisioning-api MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.2, =4.0.0, =3.0.0, =3.0.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.5 and more Source cves: CVE-2026-42797 Source advisory:...

4.9CVSS5.5AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.7 views

org.apache.syncope.core:syncope-core-metrics-starter (=4.0.2), org.apache.syncope.core:syncope-core-self-keymaster-starter (>=4.0.0 <=4.0.2) +3 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-persistence-jpa (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core:syncope-core-persistence-jpa MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2 Source cves: CVE-2025-65998 Source advisory: SNYK:JAVA-ORGAPACHESYNCOPECORE-14105148...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.17 views

org.apache.syncope.core:syncope-core-persistence-jpa-json (>=3.0.0 <=3.0.14), org.apache.syncope.core:syncope-core-self-keymaster-starter (>=3.0.0 <=3.0.14) +6 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-persistence-jpa (>=3.0.0-M0 <=3.0.14)

org.apache.syncope.core:syncope-core-persistence-jpa MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.10, =3.0.0, =3.0.14 Source cves: CVE-2025-65998 Source advisory: SNYK:JAVA-ORGAPACHESYNCOPECORE-14105148...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.2), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.2) +33 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-spring (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core:syncope-core-spring MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2 and more Source cves: CVE-2025-65998 Source advisory: SNYK:JA...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.14), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.14) +30 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-spring (>=3.0.0-M0 <=3.0.14)

org.apache.syncope.core:syncope-core-spring MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.14 and more Source cves: CVE-2025-65998https://vulners.com/c...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.9 views

org.apache.syncope.core:syncope-core-metrics-starter (=4.0.2), org.apache.syncope.core:syncope-core-self-keymaster-starter (>=4.0.0 <=4.0.2) potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-starter (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core:syncope-core-starter MAVEN version =4.0.0-M0, =4.0.0, =4.0.2 Source cves: CVE-2025-65998 Source advisory: SNYK:JAVA-ORGAPACHESYNCOPECORE-14105145...

7.5CVSS6AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.2), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.2) +18 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-provisioning-java (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core:syncope-core-provisioning-java MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2 and more Source cves: CVE-2...

7.5CVSS6AI score0.00448EPSS
Exploits0
Snyk
Snyk
added 2025/11/24 2:40 p.m.2 views

Use of Hard-coded Cryptographic Key

Overview org.apache.syncope.core:syncope-core-persistence-jpa is an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology and released under Apache 2.0 license. Affected versions of this package are vulnerable to Use of Hard-coded...

7.5CVSS7AI score0.00448EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 2:40 p.m.4 views

Use of Hard-coded Cryptographic Key

Overview org.apache.syncope.core:syncope-core-starter is an Apache Syncope Core Spring Boot Starter Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the password encryption process. An attacker can recover original cleartext password values by accessing t...

7.5CVSS6.7AI score0.00448EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 2:40 p.m.3 views

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the password encryption process. An attacker can recover original cleartext password values by accessing the internal database content, as the encryption key is hard-coded and publicly known. Note:...

7.5CVSS6.7AI score0.00448EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 2:40 p.m.4 views

Use of Hard-coded Cryptographic Key

Overview org.apache.syncope.core.idrepo:syncope-core-idrepo-logic is an Apache Syncope Core IdRepo Logic Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the password encryption process. An attacker can recover original cleartext password values by...

7.5CVSS6.7AI score0.00448EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/20 3:42 p.m.7 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.13), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.13) +38 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-persistence-api (>=3.0.0-M0 <=3.0.13)

org.apache.syncope.core:syncope-core-persistence-api MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.13 and more Source cves: CVE-2025-57738 Source ad...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/20 3:42 p.m.9 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.1), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.1) +17 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-provisioning-java (>=4.0.0 <=4.0.1)

org.apache.syncope.core:syncope-core-provisioning-java MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.1 and mo...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
Snyk
Snyk
added 2025/10/20 3:42 p.m.2 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization of Groovy code provided by delegated administrators. A privileged attacker can execute arbitrary code remotely by providing malicious Groovy implementations that are loaded and executed by the...

9.1CVSS7.8AI score0.23107EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/20 3:42 p.m.2 views

Improper Isolation or Compartmentalization

Overview org.apache.syncope.core:syncope-core-provisioning-java is an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology and released under Apache 2.0 license. Affected versions of this package are vulnerable to Improper Isolation or...

9.1CVSS7.8AI score0.23107EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/20 3:42 p.m.6 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.1), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.1) +32 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-spring (>=4.0.0 <=4.0.1)

org.apache.syncope.core:syncope-core-spring MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.1 and more Source cves: CVE-2025-57738https://vulners.com/cve/CVE-2025-577...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/20 3:42 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.13), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.13) +30 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-spring (>=3.0.0-M0 <=3.0.13)

org.apache.syncope.core:syncope-core-spring MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.13 and more Source cves: CVE-2025-57738https://vulners.com/c...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
Rows per page
Query Builder