VYPR

Maven package

org.opencastproject/base

pkg:maven/org.opencastproject/base

Vulnerabilities (2)

  • CVE-2020-5230Jan 30, 2020
    affected < 7.6fixed 7.6

    Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may lead to an attacker being able to escape w

  • CVE-2017-1000217HigNov 17, 2017
    affected < 2.3.3fixed 2.3.3

    Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.