Lucene search
China National Vulnerability DatabaseCNVD-2023-80563HistoryJul 30, 2023 - 12:00 a.m.
Apache Jackrabbit Code Execution Vulnerability
2023-07-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
apache jackrabbit
code execution
vulnerability
commons-beanutils
arbitrary code execution
webapp
standalone
content repository
apache
usa
cnvd
Apache Jackrabbit is a content repository from Apache (USA). A code execution vulnerability exists in Apache Jackrabbit Webapp/Standalone, which stems from the component commons-beanutils failing to properly filter special elements of constructed snippets. An attacker could exploit the vulnerability to cause arbitrary code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache jackrabbit >=1.0.0, | lt | 2.20.11 | |
| apache jackrabbit >=2.21.0, | lt | 2.21.18 |
Related
cve
cve
CVE-2023-37895
2023-07-25 15:15:13
prion
prion
Deserialization of untrusted data
2023-07-25 15:15:00
nvd
nvd
CVE-2023-37895
2023-07-25 15:15:13
veracode
veracode
Remote Code Execution (RCE)
2023-07-26 07:59:10
osv
osv
Remote code execution in Apache Jackrabbit
2023-07-25 15:30:26
CVE-2023-37895
2023-07-25 15:15:13
cvelist
cvelist
CVE-2023-37895 Apache Jackrabbit RMI access can lead to RCE
2023-07-25 14:02:10
ubuntucve
ubuntucve
CVE-2023-37895
2023-07-25 00:00:00
debiancve
debiancve
CVE-2023-37895
2023-07-25 15:15:13
github
github
Remote code execution in Apache Jackrabbit
2023-07-25 15:30:26
ibm
ibm