pkg:Maven/org.apache.syncope:syncope-core

7 total CVEsCRITICAL2HIGH3MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2020-1959Expression Language Injection in Apache Syncope
    from 0, < 2.1.6
  • CRITICAL9.8CVE-2020-1961Injection in Apache Syncope
    >= 2.0.0, < 2.0.15
  • HIGH7.5CVE-2025-65998Apache Syncope's AES encryption stores hard-coded passwords in internal database
    >= 4.0.0, < 4.0.3
  • HIGH7.2CVE-2018-1321High severity vulnerability that affects org.apache.syncope:syncope-core
    from 0, < 1.2.11
  • HIGH7.2CVE-2018-17186Improper Restriction of XML External Entity Reference in org.apache.syncope:syncope-core
    from 0, < 2.0.11
  • MEDIUM5.4CVE-2018-17184Improper Control of Interaction Frequency in Apache syncope-core
    from 0, < 2.0.11
  • MEDIUM4.9CVE-2018-1322Exposure of Sensitive Information to an Unauthorized Actor in Apache syncope-cope
    from 0, < 1.2.11