Skip to main content

Org Apache Sling Servlets Post

2 CVEs product

Monthly

CVE-2013-2254 Maven MEDIUM POC PATCH This Month

The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Apache Java Org Apache Sling Servlets Post
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2012-2138 Maven MEDIUM POC PATCH THREAT This Month

The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 43.4%.

Privilege Escalation Denial Of Service Apache Org Apache Sling Servlets Post
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
43.4%
EPSS 1% CVSS 5.0
MEDIUM POC PATCH This Month

The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Apache +2
NVD
EPSS 43% CVSS 5.0
MEDIUM POC PATCH THREAT This Month

The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 43.4%.

Privilege Escalation Denial Of Service Apache +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy