Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistApacheCVELIST:CVE-2012-3353
HistoryMay 09, 2017 - 12:00 a.m.

CVE-2012-3353

2017-05-0900:00:00
apache
www.cve.org

0.001 Low

EPSS

Percentile

31.1%

JSON

The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR ContentLoader

CNA Affected

[
  {
    "product": "Apache Sling",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "JCR ContentLoader 2.1.4"
      }
    ]
  }
]

Related

osv 1
prion 1
nvd 1
cve 1
veracode 1
github 1
osv
osv
Apache Sling JCR ContentLoader XmlReader Arbitrary File Load
2022-05-14 03:46:15
prion
prion
Design/Logic Flaw
2018-01-09 02:29:00
nvd
nvd
CVE-2012-3353
2018-01-09 02:29:02
cve
cve
CVE-2012-3353
2018-01-09 02:29:02
veracode
veracode
Information Disclosure
2018-01-10 02:36:06
github
github
Apache Sling JCR ContentLoader XmlReader Arbitrary File Load
2022-05-14 03:46:15

0.001 Low

EPSS

Percentile

31.1%

JSON
Related for CVELIST:CVE-2012-3353
osv1prion1nvd1cve1veracode1github1