Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2022/11/16 12:0 a.m.20 views

Apache Archiva < 2.2.9 Multiple Vulnerabilities

Apache Archiva is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:archiva"; if...

7.5CVSS5.4AI score0.01355EPSS
Exploits0References3
NVD
NVD
added 2022/11/15 1:15 p.m.26 views

CVE-2022-40308

If anonymous read enabled, it's possible to read the database file directly without logging in...

7.5CVSS0.01192EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/15 12:0 a.m.7 views

CVE-2022-40308 Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files

If anonymous read enabled, it's possible to read the database file directly without logging in...

6.7AI score0.01192EPSS
Exploits0References2
CVE
CVE
added 2022/11/15 12:0 a.m.91 views

CVE-2022-40308

CVE-2022-40308 affects Apache Archiva prior to version 2.2.9. The issue allows an unauthenticated user, when anonymous read is enabled, to read the database file directly, effectively exposing stored data. The vulnerability originates from the ability to read repository/database files without log...

7.5CVSS7.4AI score0.01192EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/11/15 12:0 a.m.24 views

CVE-2022-40308 Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files

If anonymous read enabled, it's possible to read the database file directly without logging in...

7.5CVSS7AI score0.01192EPSS
Exploits0References4
Rows per page
Query Builder