com.ctrip.framework.apollo:apollo-core (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package com.ctrip.framework.apollo:apollo-core, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (1)
CVE-2020-15170 — CVSS 7.0 (high): apollo-adminservice before version 1.7.1 does not implement access controls. If users expose apollo-adminservice to internet(which is not…