org.apache.cocoon:cocoon-sitemap-impl@1.0.0 vulnerabilities

latest version

2.3.0

first published

17 years ago

latest version published

1 years ago

licenses detected

Apache-2.0
[1.0.0-M1,)

package manager

View on Maven Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.apache.cocoon:cocoon-sitemap-impl package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) Affected versions of this package are vulnerable to Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) in the `ContinuationsManagerImpl` class, which uses the application's startup time as the seed. An attacker can guess continuation IDs and access unauthorized continuations by predicting this value. Note: This package is no longer maintained so a fix is not expected. How to fix Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)? There is no fixed version for `org.apache.cocoon:cocoon-sitemap-impl`.	[0,)

Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

Affected versions of this package are vulnerable to Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) in the ContinuationsManagerImpl class, which uses the application's startup time as the seed. An attacker can guess continuation IDs and access unauthorized continuations by predicting this value.

Note: This package is no longer maintained so a fix is not expected.

How to fix Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)?

There is no fixed version for org.apache.cocoon:cocoon-sitemap-impl.

[0,)

Go back to all versions of this package