Skip to main content

Sling Jcr Base

1 CVEs product

Monthly

CVE-2023-25141 Maven HIGH PATCH This Week

Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Code Injection Sling Jcr Base
NVD
CVSS 3.1
7.5
EPSS
1.2%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Code Injection Sling Jcr Base
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy