| Tip |
|---|
This is the advisory page for Identity Provider V5 releases. For IdP plugins supported by the project, see the plugins home page. For older IdP advisories, please refer to the V4 IDP SecurityAdvisories page. For the SP, please refer to V3 SPÂ SecurityAdvisories page. As a courtesy, you can also find Jetty advisories at https://www.eclipse.org/jetty/security-reports.html and Tomcat advisories at http://tomcat.apache.org/security.html |
...
Version | EOL | User Data Exposure | User Data Accuracy | Session Hijacking | Denial of Service | Remote Exploit | Advisories |
|---|---|---|---|---|---|---|---|
All | X | X | X | 2018-01-23, 2017-05-18 | |||
5.1.0 | |||||||
5.0.0 | 2024-03-13 |
Advisory List
...
Guava (any) (CVE-2020-8908)
We don't use the affected, deprecated function, and there is no fix for the issue.
Spring Framework
CVE-2024-22259
We don’t use the affected function. We will patch this in the next release of the software.