Lucene search

8 matches found

Prion
added 2023/05/15 10:15 a.m. | 19 views

Input validation

UNSUPPORTED WHEN ASSIGNED: Improper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The...

CVSS: 7.5 | AI score: 9.4 | EPSS: 0.02187
Exploits: 0 | References: 4 | Affected Software: 1
RedhatCVE
added 2022/06/30 5:56 p.m. | 55 views

CVE-2022-32549

A flaw was found in Apache Sling Commons Log. This flaw allows an attacker to forge logs, which may let them cover their tracks and potentially corrupt log files...

CVSS: 5.3 | AI score: 3.9 | EPSS: 0.02044
Exploits: 0 | References: 3
CVE
added 2022/06/22 2:25 p.m. | 510 views

CVE-2022-32549

The CVE-2022-32549 entries describe a log-injection flaw in Apache Sling Commons Log ≤ 5.4.0 and Apache Sling API ≤ 2.25.0 due to improper input validation. An attacker could forge logs to obscure activity and potentially corrupt log files. Multiple connected sources (NVD, Red Hat, CNVD, OSV, Ver...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.02044
Exploits: 0 | References: 1 | Affected Software: 2
Cvelist
added 2022/06/22 2:25 p.m. | 14 views

CVE-2022-32549 log injection in Sling logging

Apache Sling Commons Log ≤ 5.4.0 and Apache Sling API ≤ 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files...

AI score: 5.8 | EPSS: 0.02044
Exploits: 0 | References: 1
CNVD
added 2021/12/23 12:00 a.m. | 31 views

Apache Sling Commons Messaging Mail Trust Management Issue Vulnerability

Apache Sling Commons Messaging Mail is an open source messaging mail service from the Apache Foundation in the U.S. A trust management issue vulnerability exists in Apache Sling Commons Messaging Mail 1.0.0, which stems from the Apache Sling Commons Messaging Mail provides a simple layer on top o...

CVSS: 7.4 | AI score: 2.1 | EPSS: 0.01936
Exploits: 0 | References: 1
OSV
added 2021/12/16 2:12 p.m. | 22 views

GHSA-C69W-JJ56-834W Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks, additional server identity checks must be performed when accessing mail servers. For compatibility reasons, these addition...

CVSS: 7.4 | AI score: 7.2 | EPSS: 0.01936
Exploits: 0 | References: 6
Github Security Blog
added 2021/12/16 2:12 p.m. | 25 views

Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks, additional server identity checks must be performed when accessing mail servers. For compatibility reasons, these addition...

CVSS: 7.4 | AI score: 0.3 | EPSS: 0.01936
Exploits: 0 | References: 6 | Affected Software: 1
OSV
added 2021/12/14 4:15 p.m. | 17 views

CVE-2021-44549

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks, additional server identity checks must be performed when accessing mail servers. For compatibility reasons, these addition...

CVSS: 7.4 | AI score: 6.7
Exploits: 0 | References: 1