Maven package
org.opencastproject/base
pkg:maven/org.opencastproject/base
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-5230 | — | < 7.6 | 7.6 | Jan 30, 2020 | Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may lead to an attacker being able to escape w | ||
| CVE-2017-1000217 | Hig | 8.8 | < 2.3.3 | 2.3.3 | Nov 17, 2017 | Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0. |
- CVE-2020-5230Jan 30, 2020affected < 7.6fixed 7.6
Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may lead to an attacker being able to escape w
- affected < 2.3.3fixed 2.3.3
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.