org.cloudfoundry.identity:cloudfoundry-identity-uaa vulnerabilities

Cloud Foundry User Account and Authentication (UAA) Server

Latest version: 4.30.0

Licenses detected

  • license: Apache-2.0 [2.2.4, 4.5.6),[4.6.0, 4.7.5),[4.8.0, 4.10.1),[4.11.0, 4.12.0),[4.30.0,)
  • license: Unknown [4.5.6, 4.6.0),[4.7.5, 4.8.0),[4.10.1, 4.11.0),[4.12.0, 4.30.0)
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the org.cloudfoundry.identity:cloudfoundry-identity-uaa package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Privilege Escalation
[3.0.0, 3.6.5),[3.7, 3.9.3),[2.0.0, 2.7.4.12) Not available 04 Jul, 2019
  • H
Authentication Bypass
[4.5.0,4.5.7), [4.7.0,4.7.6), [4.10.0,4.10.2), [4.12.0,4.12.4), [4.19.0,4.19.2) Not available 02 Aug, 2018
  • M
Open Redirect
[4.6.0,4.7.5), (4.7.5,4.10.1), (4.10.1,4.19.0) Not available 01 Jul, 2018
  • H
Privilege Escalation
[4.12.0, 4.12.2), [4.13.0, 4.13.4) Not available 21 May, 2018
  • M
Privilege Escalation
[3.6.0, 3.6.13), [3.9.0,3.9.15), [3.20.0-alpha,3.20.0), [4.0.0,4.4.0) Not available 01 Apr, 2018
  • H
Improper Privileges
[2.0.0, 2.7.4.16), [3.6.0, 3.6.10), [3.9.0, 3.9.12), [3.10.0, 3.17.0) Not available 01 Apr, 2018
  • H
Privilege Escalation
[2.0, 2.7.4.17), [3.6.0, 3.6.11), [3.9.0, 3.9.13), [4.0, 4.2.0) Not available 01 Apr, 2018
  • H
HTTP Headers Forwarding
[3.0.0,3.6.12), [3.7,3.9.14), [3.10.0,3.19.0) Not available 01 Apr, 2018
  • H
Information Exposure
[4.5.0,4.5.5), [4.8.0,4.8.3), [4.7.0,4.7.4) Not available 21 Feb, 2018
  • H
Denial of Service (DoS)
[3.9,3.11.0) Not available 21 May, 2017
  • H
Privilege Escalation
[,2.7.4.9], [3.0.0,3.9.1] Not available 21 May, 2017
  • H
Session Fixation
[,2.7.4.9], [3.0.0,3.9.1] Not available 21 May, 2017
  • H
SQL Injection
[2.2.4,2.7.4.4),[3.0.0,3.3.0.2), [3.4,3.4.1) Not available 04 Jul, 2016