Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2026/05/25 5:0 p.m.9 views

org.apache.syncope.core.am:syncope-core-am-logic (=4.1.0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (=4.1.0) +33 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (=4.1.0)

org.apache.syncope.core:syncope-core-spring MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.syncope.core:syncope-core-spring and may be impacted: - org.apache.syncope.core.am:syncope-core-am-logic =4.1.0 -...

7.2CVSS5.4AI score0.00652EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 2:40 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.14), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.14) +30 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-spring (>=3.0.0-M0 <=3.0.14)

org.apache.syncope.core:syncope-core-spring MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.14 and more Source cves: CVE-2025-65998https://vulners.com/c...

7.5CVSS6AI score0.00448EPSS
Exploits0
Snyk
Snyk
added 2025/11/24 2:40 p.m.3 views

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the password encryption process. An attacker can recover original cleartext password values by accessing the internal database content, as the encryption key is hard-coded and publicly known. Note:...

7.5CVSS6.7AI score0.00448EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/20 3:42 p.m.6 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.1), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.1) +32 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-spring (>=4.0.0 <=4.0.1)

org.apache.syncope.core:syncope-core-spring MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.1 and more Source cves: CVE-2025-57738https://vulners.com/cve/CVE-2025-577...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/20 3:42 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.13), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.13) +30 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-spring (>=3.0.0-M0 <=3.0.13)

org.apache.syncope.core:syncope-core-spring MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.13 and more Source cves: CVE-2025-57738https://vulners.com/c...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
Snyk
Snyk
added 2025/10/20 3:42 p.m.3 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization of Groovy code provided by delegated administrators. A privileged attacker can execute arbitrary code remotely by providing malicious Groovy implementations that are loaded and executed by the...

9.1CVSS7.6AI score0.23107EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/20 3:30 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.13), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.13) +46 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-spring (>=2.0.0-M2 <=3.0.13)

org.apache.syncope.core:syncope-core-spring MAVEN version =2.0.0-M2, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =2.0.0, =2.0.0, =2.0.0, =2.1.3, =2.0.0, =2.0.0, =3.0.0, =3.0.0, =2.0.0, =2.0.16 and more Source cves: CVE-2025-57738 Source advisory: OSV:GHSA-825G-MM5...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/20 3:30 p.m.8 views

org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.1), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.1) +32 more potentially affected by CVE-2025-57738 via org.apache.syncope.core:syncope-core-spring (>=4.0.0-M0 <=4.0.1)

org.apache.syncope.core:syncope-core-spring MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.1 and more Source cves: CVE-2025-57738https://vulners.com/cve/CVE-2025-...

7.2CVSS7.4AI score0.23107EPSS
Exploits0
Rows per page
Query Builder