com.linecorp.centraldogma:centraldogma-server@0.22.0 vulnerabilities
-
latest version
0.64.3
-
latest non vulnerable version
-
first published
7 years ago
-
latest version published
2 months ago
-
licenses detected
- [0.17.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.linecorp.centraldogma:centraldogma-server package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
com.linecorp.centraldogma:centraldogma-server is a service configuration repository based on Git, ZooKeeper and HTTP/2 (centraldogma-server). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to insufficient input validation and output encoding. An attacker can inject malicious scripts into web pages viewed by other users by submitting crafted input. How to fix Cross-site Scripting (XSS)? Upgrade |
[,0.64.0)
|
com.linecorp.centraldogma:centraldogma-server is a service configuration repository based on Git, ZooKeeper and HTTP/2 (centraldogma-server). Affected versions of this package are vulnerable to Privilege Escalation. This can happen by mirroring to the internal dogma repository that has a file managing the authorization of the project. How to fix Privilege Escalation? Upgrade |
[,0.52.0)
|
com.linecorp.centraldogma:centraldogma-server is a service configuration repository based on Git, ZooKeeper and HTTP/2 (centraldogma-server). Affected versions of this package are vulnerable to Cross-site Scripting (XSS). A malicious user could inject arbitrary web script or HTML via unspecified vectors. How to fix Cross-site Scripting (XSS)? Upgrade |
[0.17.0,0.40.1)
|