Homepage

org.infinispan:infinispan-parent@15.0.3.Final vulnerabilities

  • latest version

    15.1.3.Final

  • first published

    13 years ago

  • latest version published

    21 days ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.infinispan:infinispan-parent package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Cleartext Storage of Sensitive Information

    Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information due to the improper handling of sensitive information when serializing cache configurations. An attacker can obtain sensitive credentials by accessing the serialized configuration data in XML/JSON/YAML formats.

    Note:

    The issue's impact is limited because only users with administrator permissions can retrieve the cache configurations, and the recommended approach for connecting via JDBC is using the datasource configuration, which does not expose the database credentials.

    How to fix Cleartext Storage of Sensitive Information?

    There is no fixed version for org.infinispan:infinispan-parent.

    [0,)
    Go back to all versions of this package