cn.hippo4j:hippo4j-all@0.9.0 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the cn.hippo4j:hippo4j-all package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Insecure Permissions

Affected versions of this package are vulnerable to Insecure Permissions by allowing an attacker to obtain sensitive information via the ConfigVerifyController function of the Tenant Management module.

How to fix Insecure Permissions?

There is no fixed version for cn.hippo4j:hippo4j-all.

[0,)
  • H
Privilege Escalation

Affected versions of this package are vulnerable to Privilege Escalation via the ThreadPoolController class of the tenant Management module.

How to fix Privilege Escalation?

There is no fixed version for cn.hippo4j:hippo4j-all.

[0,)
  • H
Insecure Permissions

Affected versions of this package are vulnerable to Insecure Permissions by allowing the attacker to escalate privileges via the AddUser method of the UserController function in Tenant Management module.

How to fix Insecure Permissions?

There is no fixed version for cn.hippo4j:hippo4j-all.

[0,)