org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service@1.4.28 vulnerabilities
-
latest version
1.9.9
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
a month ago
-
licenses detected
- [0.1.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.wso2.carbon.identity.auth.rest:org.wso2.carbon.identity.auth.service package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to Arbitrary File Upload due to improper validation of user input, a malicious actor could upload an arbitrary file to a user-controlled location of the server. By leveraging the arbitrary file upload vulnerability, it is further possible to gain remote code execution on the server. Note: The vulnerable components are:
How to fix Arbitrary File Upload? Upgrade |
[,1.4.50)
|