org.openidentityplatform.openam:openam-federation-library
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.openidentityplatform.openam:openam-federation-librarypage 1 of 1
- CVE-2023-37471CRITICALCVSS 9.1EG 9.1✓ Fixed in 14.7.32023-07-20
vulnerable: 14.5.2 ... 14.7.2 (12 versions)
Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security. OpenAM up to version 14.7.2 does not properly validate the signature of …
- CVE-2026-44793LOWCVSS 0.0EG 0.0✓ Fixed in 16.1.12026-06-22
vulnerable: 14.5.2 ... 16.1.0 (40 versions)
OpenAM SAML2 Cluster Cookie-Hash-Redirect Path has Pre-authentication Reflected XSS via `FSUtils.postToTarget` ## Summary Certain federation endpoints do not consistently apply output encoding when rendering user-supplied parameters into…
Check whether org.openidentityplatform.openam:openam-federation-library is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.openidentityplatform.openam:openam-federation-library CVEs against the assets you own.
Start Free Scan →