Any info about CVE-2020-11022, CVE-2021-23450 & CVE-2021-41182 with ACS 23.1

klabecks
Champ in-the-making

I want to know if any of the following vulnerabilities can be exploited with Alfresco?

https://www.cve.org/CVERecord?id=CVE-2020-11022
https://www.cve.org/CVERecord?id=CVE-2021-23450
https://www.cve.org/CVERecord?id=CVE-2021-41182

These were found in Alfresco Community 23.1 version. 

  

1 ACCEPTED ANSWER

HeinRagas
Employee

We keep an eye on the CVEs and scan Alfresco with the usual tools. Not every security issue in a library we use can be exploited. You can find our security policy at https://docs.alfresco.com/support/latest/policies/security/ .

As a rule, we do not communicate about individual CVEs. The latest service pack is always up-to-date with our security fixes; my recommendation is to deploy 23.5 or wait just a week to go to 23.6.

klabecks
Champ in-the-making

Thank you for the information! So I guess we can assume that if a library version used in Alfresco has an old vulnerability finding (like in this case), the vulnerability is not exploitable in Alfresco. Otherwise it would have been updated.
