com.nablarch.framework:nablarch-fw-web-dbstore@1.0.4 vulnerabilities
-
latest version
2.0.0
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
5 months ago
-
licenses detected
- [1.0.3,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.nablarch.framework:nablarch-fw-web-dbstore package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
com.nablarch.framework:nablarch-fw-web-dbstore is a session store implementation using JDBC. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm. Due to an incomplete cryptography of the data store function by using the hidden tag allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors. How to fix Use of a Broken or Risky Cryptographic Algorithm? Upgrade |
[,1.1.0)
|