# Are there any vulnerabilities in OpsHub Integration Manager?
[Grype](https://github.com/anchore/grype) is used to scan all the vulnerabilities that exist in space.vars.SITENAME. Some vulnerabilities reported by Grype are actually not present in space.vars.SITENAME, and such vulnerabilities are known as **False Positive Vulnerabilities**. These vulnerabilities are not harmful.
Following is the list of critical-level false positive vulnerabilities reported by Grype:
| Vulnerability Id | Description | Reason |
| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| CVE-2021-29940 | An issue was discovered in the through crate through 2021-02-18 for Rust. There is a double free (in through and through\_and) upon a panic of the map function. | This vulnerability refers to a **through crate** in **Rust Programming Language**. space.vars.SITENAME does not use **Rust** for development. |
| CVE-2016-0949 | Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL. | These vulnerabilities are present in **Adobe Connect** software. space.vars.SITENAME does not use **Adobe Connect**. |
| CVE-2017-11291 | An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls. | (See above) |
| CVE-2018-12804 | Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking. | (See above) |
| CVE-2018-12805 | Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation. | (See above) |
| CVE-2018-4923 | Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion. | (See above) |
| CVE-2021-40719 | Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the server. | (See above) |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://opstech.gitbook.io/opstech-docs/help-center-index/faqs/general-faqs/vulnerabilities.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.