org.apache.helix:helix-front@0.8.2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.apache.helix:helix-front package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Use of Hard-coded Password

Affected versions of this package are vulnerable to Use of Hard-coded Password through the Front component. An attacker can spoof sessions by generating their own fake cookies by exploiting the hard-coded secret.

Note: This vulnerability only affects products that are no longer supported by the maintainer.

How to fix Use of Hard-coded Password?

There is no fixed version for org.apache.helix:helix-front.

[0,)
  • M
Open Redirect

Affected versions of this package are vulnerable to Open Redirect due to improper design for the UI embedding.

How to fix Open Redirect?

Upgrade org.apache.helix:helix-front to version 1.1.0 or higher.

[0.8.0,1.1.0)