VYPR

Maven package

org.opencastproject/opencast-common

pkg:maven/org.opencastproject/opencast-common

Vulnerabilities (5)

  • CVE-2025-61788Oct 8, 2025
    affected <= 16.10

    Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, the paella would include and render some user inputs (metadata like title, description, etc.) unfiltered and unmodified. The vulnerability a

  • CVE-2025-54380Jul 26, 2025
    affected < 17.6fixed 17.6

    Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account credentials (ie: org.opencastproject.security.digest.user and org.opencastproject.sec

  • CVE-2018-16153Dec 12, 2023
    affected < 10.6fixed 10.6

    An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations.

  • CVE-2022-41965Nov 28, 2022
    affected < 12.5fixed 12.5

    Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to re

  • CVE-2021-43807Dec 14, 2021
    affected < 9.10fixed 9.10

    Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast versions prior to 9.10 allow HTTP method spoofing, allowing to change the assumed HTTP method via URL parameter. This allows attackers to turn HTTP GET requests into PUT requests or an HTTP form