Homepage
About Snyk

com.nablarch.framework:nablarch-fw-web-dbstore@1.0.4 vulnerabilities

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the com.nablarch.framework:nablarch-fw-web-dbstore package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Use of a Broken or Risky Cryptographic Algorithm

com.nablarch.framework:nablarch-fw-web-dbstore is a session store implementation using JDBC.

Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm. Due to an incomplete cryptography of the data store function by using the hidden tag allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.

How to fix Use of a Broken or Risky Cryptographic Algorithm?

Upgrade com.nablarch.framework:nablarch-fw-web-dbstore to version 1.1.0 or higher.

[,1.1.0)
Go back to all versions of this package