org.wso2.am:am-parent
Maven3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.wso2.am:am-parentpage 1 of 1
- CVE-2020-13226CRITICALCVSS 9.8EG 9.82020-05-20
vulnerable: 1.10.0 ... v3.0.0-m3 (66 versions)
WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet.
- CVE-2024-2321MEDIUMCVSS 5.6EG 5.62025-02-27
vulnerable: 4.0.0, 4.0.0-beta
An incorrect authorization vulnerability exists in multiple WSO2 products, allowing protected APIs to be accessed directly using a refresh token instead of the expected access token. Due to improper authorization checks and token mapping, …
- CVE-2024-7096MEDIUMCVSS 4.2EG 4.2✓ Fixed in 4.4.02025-05-30
vulnerable: 2.0.0 ... 4.4.0-alpha (80 versions)
A privilege escalation vulnerability exists in multiple WSO2 products due to a business logic flaw in SOAP admin services. A malicious actor can create a new user with elevated permissions only when all of the following conditions are met:…
Check whether org.wso2.am:am-parent is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.wso2.am:am-parent CVEs against the assets you own.
Start Free Scan →