EUVD-2023-1104

Malicious code in bioql PyPI...

CVE-2023-26513

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2...

Denial Of Service (DoS)

Apache Sling Resource Merger is vulnerable to Denial of Service DoS. The vulnerability is due to a faulty iteration logic in the function getRelativePath in MergedResourceProvider, triggering an infinite loop and consuming excessive CPU memory, possibly leading to a system crash...

Apache Sling Resource Merger has Excessive Iteration vulnerability

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger. This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2...

GHSA-RWRX-X2HW-9H5W Apache Sling Resource Merger has Excessive Iteration vulnerability

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger. This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2...

com.adobe.aem:aem-sdk-api (=2020.6.3800.20200626T210738Z-200604), net.distilledcode.aem:aem-touch-ui-support-package (>=0.1.0 <=0.1.32) potentially affected by CVE-2023-26513 via org.apache.sling:org.apache.sling.resourcemerger (=1.3.10)

org.apache.sling:org.apache.sling.resourcemerger MAVEN version =1.3.10 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.sling:org.apache.sling.resourcemerger and may be impacted: - com.adobe.aem:aem-sdk-api =2020.6.3800.20200626T210738Z-20060...

CVE-2023-26513

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2...

CVE-2023-26513

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2...

CVE-2023-26513

CVE-2023-26513 describes an Excessive Iteration vulnerability in the Apache Sling Resource Merger. Affected: Apache Sling Resource Merger versions 1.2.0 through 1.4.2. Root cause: not explicitly detailed beyond the excessive iteration issue in the Resource Merger. Impact: potential DoS via reques...

CVE-2023-26513 Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2...

PT-2023-20692 · Apache · Apache Sling Resource Merger

Name of the Vulnerable Software and Affected Versions: Apache Sling Resource Merger versions 1.2.0 through 1.4.2 Description: The issue is related to an Excessive Iteration vulnerability in the Apache Sling Resource Merger. Recommendations: For versions 1.2.0 through 1.4.2, update to version 1.4....

Apache Sling 安全漏洞

Apache Sling is the United States Apache Apache Foundation of a Java platform for open source Web framework. It is designed to create content-centric applications on JSR-170-compliant content repositories such as Apache Jackrabbit. A security vulnerability exists in Apache Sling Resource Merger...