Security Advisories

Syncro Soft uses Security Advisories to communicate security information to Syncro Soft customers regarding security vulnerabilities.

This section contains all recent security advisories that were issued by Syncro Soft. To protect the security of our customers, we don't publish a security advisory until the vulnerability has been fully investigated and a patch or update is available that resolves the issue.

These posts by the Syncro Soft security team are also sent to the security announcements email list and reference to them may be included in the release notes. Get notified of Syncro Soft releases and security advisories by registering to security announcements email list below:

Security Advisories
Advisory NumberSeverityStatusAffected ProductsLast Updated
CVE-2021-45105LowResolved Oxygen Content Fusion 4.1 and older
Oxygen XML Web Author between 22.1 and 24.0.0
Oxygen Feedback 2.0 and older
Oxygen XML Publishing Engine 24.0 and older
Oxygen XML WebHelp 24.0 and older
Oxygen PDF Chemistry 24.0 and older
Oxygen License Server 24.0 and older
Oxygen XML Author 24.0 and older
Oxygen XML Developer 24.0 and older
Oxygen XML Editor 24.0 and older
2021-12-21 10:15:30
CVE-2020-11987LowResolved Oxygen PDF Chemistry between v23.1 and v24.0 2021-12-20 11:43:30
CVE-2021-45046LowResolved Oxygen Content Fusion 4.1 and older
Oxygen XML Web Author between 22.1 and 24.0.0
Oxygen Feedback 1.4.5 and older
Oxygen XML Publishing Engine 24.0 and older
Oxygen XML WebHelp 24.0 and older
Oxygen PDF Chemistry 24.0 and older
Oxygen License Server 24.0 and older
Oxygen XML Author 24.0 and older
Oxygen XML Developer 24.0 and older
Oxygen XML Editor 24.0 and older
2021-12-15 12:43:30
CVE-2021-44228CriticalResolved Oxygen Content Fusion 4.1 and older
Oxygen XML Web Author between 22.1 and 24.0.0
Oxygen Feedback 1.4.4 and older
Oxygen XML Publishing Engine between 22.1 and 24.0
Oxygen XML WebHelp between 22.1 and 24.0
Oxygen PDF Chemistry between 22.1 and 24.0
Oxygen License Server between 22.1 and 24.0
Oxygen XML Author between 16.1 and 24.0
Oxygen XML Developer between 16.1 and 24.0
Oxygen XML Editor between 16.1 and 24.0
2021-12-10 18:56:21
SYNC-2021-2610LowResolved Oxygen Feedback 1.4.3 and older versions 2021-12-10 12:23:46
CVE-2021-37714HighResolved Oxygen Feedback 1.4.3 and older versions 2021-12-10 10:49:11
CVE-2021-43466LowResolved Oxygen Feedback 1.4.3 and older versions 2021-12-10 10:21:15
CVE-2021-37137LowResolved Oxygen Content Fusion 4.1 and older versions 2021-12-08 14:45:15
CVE-2021-37136LowResolved Oxygen Content Fusion 4.1 and older versions 2021-12-08 13:50:15
CVE-2020-25638LowResolved Oxygen Content Fusion 4.1 and older versions 2021-12-08 13:21:15
CVE-2020-17523LowResolved Oxygen Content Fusion 4.1 and older versions 2021-12-08 13:21:15
CVE-2018-1294LowResolved Oxygen Content Fusion 4.1 and older versions 2021-12-08 12:39:11
CVE-2017-9801HighResolved Oxygen Content Fusion 4.1 and older versions 2021-12-08 11:32:11
CVE-2017-18640LowResolved Oxygen Content Fusion 4.1 and older versions 2021-12-08 11:24:11
CVE-2021-42340HighResolved Oxygen XML Web Author 23.1 and older versions 2021-12-06 16:21:11
CVE-2021-40690MediumResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
2021-10-18 14:27:09
CVE-2021-41303LowResolvedOxygen XML Web Author 23.1 and older2021-10-18 12:21:11
CVE-2021-41079HighResolvedOxygen XML Web Author 23.1 and older2021-10-18 17:22:11
SYNC-2021-2809MediumResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
Oxygen Publishing Engine 23.1 and older versions
2021-10-18 14:27:09
SYNC-2021-072301MediumResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
Oxygen Publishing Engine 23.1 and older versions
Oxygen XML WebHelp 23.1 and older versions
2021-08-25 10:21:02
CVE-2018-18928MediumResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
2021-08-25 10:53:04
CVE-2021-36090MediumResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
2021-08-25 10:30:34
CVE-2021-35517LowResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
2021-08-25 10:46:30
CVE-2021-35516LowResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
2021-08-25 10:41:20
CVE-2021-35515LowResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
2021-08-25 10:33:45
CVE-2021-33910MediumResolvedOxygen Content Fusion 4.1 and older versions 2021-08-19 13:27:26
CVE-2021-23337MediumResolvedOxygen Content Fusion 4.1 and older versions 2021-07-12 15:36:18
CVE-2021-25329MediumResolvedOxygen Feedback 1.4 and older versions2021-04-13 10:30:18
CVE-2021-25122MediumResolvedOxygen Feedback 1.4 and older versions2021-04-13 14:43:15
CVE-2021-22112MediumResolvedOxygen Feedback 1.4 and older versions2021-04-13 16:35:20
CVE-2020-13936LowResolved Oxygen XML Editor 23.1 and older versions
Oxygen XML Developer 23.1 and older versions
Oxygen XML Author 23.1 and older versions
2021-04-12 10:15:21
SYNC-2021-031201LowResolvedOxygen Content Fusion 4.0 and older versions2021-03-12 15:32:17
CVE-2020-36048MediumResolvedOxygen Content Fusion 3.0 and older versions2021-03-09 10:43:11
CVE-2020-36049MediumResolvedOxygen Content Fusion 3.0 and older versions2021-03-09 12:18:30
CVE-2016-1000027MediumResolvedOxygen Feedback 1.32020-11-03 16:14:14
CVE-2020-1938MediumResolved Oxygen XML Web Author 22.0.0 and older versions
Oxygen Content Fusion 1.2 and older versions
2020-04-07 16:00:00
CVE-2019-17571MediumResolved Oxygen XML Editor 21.1 and older versions
Oxygen XML Developer 21.1 and older versions
Oxygen XML Author 21.1 and older versions
Oxygen PDF Chemistry 21.1 and older versions
Oxygen XML WebHelp 21.1 and older versions
Oxygen XML Web Author 21.1.1 and older versions
Oxygen Content Fusion 1.2 and older versions
2020-05-18 15:00:00
SYNC-2019-111401MediumResolved Oxygen XML Editor 21.1 and older versions
Oxygen XML Developer 21.1 and older versions
Oxygen XML Author 21.1 and older versions
2019-12-11 16:14:14

Important:

  • This table is not yet a complete list of vulnerabilities. Formulating such a list is an extensive undertaking which Syncro Soft is addressing systematically.
  • Syncro Soft does not issue security advisories for underlying third party libraries. Please refer to the concerned third parties as appropriate.
  • Syncro Soft Security Advisories are provided on an "as is" basis and do not imply any kind of guarantee or warranty. Your use of the information in these publications or linked material is at your own risk. Syncro Soft reserves the right to change or update this content without notice at any time.

For more information about security at Syncro Soft, see our Security page. If you believe you've found a security vulnerability, see Reporting a new vulnerability.