Bloomreach Experience Manager (PaaS/Self-Hosted) - The Fast and Flexible Headless CMS

spring-security-core-5.4.6.jar vulnerability

21-09-2021 affects versions : 14.6

Possible limited path traversal vulnerabily in Apache Commons IO up to version 2.6 (CVE-2021-29425)

06-07-2021 affects versions : 14.5, 13.4, 12.6

Velocity tools generic vulnerability (CVE-2020-13959)

06-07-2021 affects versions : 14.5, 13.4, 12.6

Velocity engine core vulnerability (CVE-2020-13936)

06-07-2021 affects versions : 14.5, 13.4, 12.6

Apache CXF vulnerability (CVE-2021-22696)

06-07-2021 affects versions : 14.5, 13.4, 12.6

PDFBox Vulnerability (CVE-2021-27906, CVE-2021-27807)

06-07-2021 affects versions : 14.5, 13.4, 12.6

Elasticsearch REST client vulnerability (CVE-2021-22134)

06-07-2021 affects versions : 14.5, 13.4, 12.6

RESTEasy vulnerability (CVE-2021-20289)

06-07-2021 affects versions : 14.5, 13.4, 12.6

CKEditor vulnerability

06-07-2021 affects versions : 14.5, 13.4, 12.6

Improve disabling access to external entities in XML parsing for TransformerFactory

10-05-2021 affects versions : 14.5

Groovy XML vulnerability

13-04-2021 affects versions : 14.4, 13.4, 12.6

Moment.js vulnerability

13-04-2021 affects versions : 13.4, 12.6

Minimist.js vulnerability

13-04-2021 affects versions : 13.4

Apache HttpClient vulnerability (CVE-2020-13956)

13-04-2021 affects versions : 14.4, 13.4, 12.6

Vulnerability in Bouncy Castle Crypto Package

13-04-2021 affects versions : 14.4, 13.4, 12.6

Vulnerability in MyBatis before 3.5.6

08-12-2020 affects versions : 14.3, 13.4, 12.6

Elasticsearch REST client vulnerability

08-12-2020 affects versions : 14.3, 13.4, 12.6

Vulnerabilities in jQuery library before version 3.5.0

08-12-2020 affects versions : 14.3, 13.4, 12.6

Apache Groovy Information Disclosure

08-12-2020 affects versions : 14.3, 13.4, 12.6

Vulnerability in Spring Core 5

29-10-2020 affects versions : 14.2, 13.4, 12.6

Reported vulnerability in hippo-addon-2fa-duosecurity related to embedded jquery

27-10-2020 affects versions : 14.2, 13.4, 12.6

Spring security core v.5.3 null initialization vector

27-10-2020 affects versions : 14.2, 13.4, 12.6

Vulnerability in embedded resteasy-jaxrs for Camunda

27-10-2020 affects versions : 14.2, 13.4, 12.6

Multiple vulnerabilities in Apache Solr dependency

27-10-2020 affects versions : 14.2, 13.4, 12.6

DoS attack vulnerabilities in Apache Sanselan

27-10-2020 affects versions : 13.4, 12.6

Get Started

Build a Website

Relevance Trail

Feed an AngularJS App

Understand Hippo

Implement Hippo

Extend Hippo

Integrate Hippo

Run Hippo

Upgrade Hippo

Develop Hippo

Use Hippo

Report an Issue

Bloomreach Documentation version

Security Updates