pl.allegro.tech.hermes:hermes-management@1.4.4 vulnerabilities
-
latest version
2.6.22
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
a month ago
-
licenses detected
- [0.7.2,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the pl.allegro.tech.hermes:hermes-management package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Remote Code Execution (RCE) through the improper use of Apache Note: This vulnerability was recorded before in JAXPath as CVE-2022-41852 but deemed not a vulnerability because the intended behavior of the JXPath library is not to handle untrusted input, this having to be handled downstream. How to fix Remote Code Execution (RCE)? Upgrade |
[,2.2.9)
|