org.dspace:dspace-jspui@6.0-rc3 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.dspace:dspace-jspui package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Generation of Error Message Containing Sensitive Information

org.dspace:dspace-jspui is a DSpace JSP Based Webapplication

Affected versions of this package are vulnerable to Generation of Error Message Containing Sensitive Information via an Internal System Error in the JSPUI, leading to the entire exception (including the stack trace) being available.

Note: This vulnerability does not impact the XMLUI or version 7.

How to fix Generation of Error Message Containing Sensitive Information?

Upgrade org.dspace:dspace-jspui to version 6.4 or higher.

[4.0,6.4)