{"url":"http://public2.vulnerablecode.io/api/packages/58633?format=json","purl":"pkg:maven/org.apache.directory.studio/org.apache.directory.studio.parent@2.0.0.v20210717-M17","type":"maven","namespace":"org.apache.directory.studio","name":"org.apache.directory.studio.parent","version":"2.0.0.v20210717-M17","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41291?format=json","vulnerability_id":"VCID-11wt-5w8j-6bdn","summary":"Missing Encryption of Sensitive Data\nWhile investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue affects Apache Directory Studio version 2.0.0.v20210213-M16 and prior versions.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33900","reference_id":"CVE-2021-33900","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33900"},{"reference_url":"https://github.com/advisories/GHSA-4x25-f45x-grv5","reference_id":"GHSA-4x25-f45x-grv5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4x25-f45x-grv5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58633?format=json","purl":"pkg:maven/org.apache.directory.studio/org.apache.directory.studio.parent@2.0.0.v20210717-M17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.directory.studio/org.apache.directory.studio.parent@2.0.0.v20210717-M17"}],"aliases":["CVE-2021-33900","GHSA-4x25-f45x-grv5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11wt-5w8j-6bdn"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.directory.studio/org.apache.directory.studio.parent@2.0.0.v20210717-M17"}