Package impact
Maven / org.apache.syncope:syncope-core
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-65998 | unknown | — | — | 6mo ago | Apache Syncope's AES encryption stores hard-coded passwords in internal database | |||
| CVE-2020-1959 | unknown | — | — | 5y ago | Expression Language Injection in Apache Syncope | |||
| CVE-2020-1961 | unknown | — | — | 5y ago | Injection in Apache Syncope | |||
| CVE-2018-1321 | unknown | — | — | 8y ago | High severity vulnerability that affects org.apache.syncope:syncope-core | |||
| CVE-2018-1322 | unknown | — | — | 8y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache syncope-cope | |||
| CVE-2018-17184 | unknown | — | — | 8y ago | Improper Control of Interaction Frequency in Apache syncope-core | |||
| CVE-2018-17186 | unknown | — | — | 8y ago | Improper Restriction of XML External Entity Reference in org.apache.syncope:syncope-core |