CVE-2023-26513

🗓️ 20 Mar 2023 13:11:15Reported by apacheType

Excessive Iteration vulnerability in Apache Sling Resource Merger

Reporter	Title	Published	Views	Family All 9
Vulnrichment	CVE-2023-26513 Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS	20 Mar 202312:20	–	vulnrichment
Cvelist	CVE-2023-26513 Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS	20 Mar 202312:20	–	cvelist
OSV	Apache Sling Resource Merger has Excessive Iteration vulnerability	20 Mar 202315:30	–	osv
Veracode	Denial Of Service (DoS)	23 Mar 202319:21	–	veracode
Github Security Blog	Apache Sling Resource Merger has Excessive Iteration vulnerability	20 Mar 202315:30	–	github
Prion	Code injection	20 Mar 202313:15	–	prion
NVD	CVE-2023-26513	20 Mar 202313:15	–	nvd
Tenable Nessus	Adobe Experience Manager 6.5.0.0 < 6.5.17.0 Multiple Vulnerabilities (APSB23-31)	13 Jun 202300:00	–	nessus
Adobe	APSB23-31 : Security update available for Adobe Experience Manager	13 Jun 202300:00	–	adobe

Nvd

Vulners

Node

apache sling_resource_mergerRange1.2.0–1.4.2

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Sling Resource Merger",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "1.4.2",
        "status": "affected",
        "version": "1.2.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
lists	www.lists.apache.org/thread/xpcpo1y88ldss5hgmvogsf6h3735l5zb

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Mar 2023 13:15Current

7.5High risk

Vulners AI Score7.5

CVSS37.5

EPSS0.02231

SSVC

CWE-834