Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2025/09/08 9:31 a.m.11 views

Apache Jackrabbit: Core and JCR Commons are vulnerable to Deserialization of Untrusted Data

There is a serialization of Untrusted Data vulnerability in Apache Jackrabbit Core and Apache Jackrabbit JCR Commons. This issue affects Apache Jackrabbit Core: from 1.0.0 through 2.22.1; Apache Jackrabbit JCR Commons: from 1.0.0 through 2.22.1. Deployments that accept JNDI URIs for JCR lookup fr...

6.5CVSS8.1AI score0.01286EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2025/09/08 9:31 a.m.3 views

GHSA-CXVC-G8F2-4GMM Apache Jackrabbit: Core and JCR Commons are vulnerable to Deserialization of Untrusted Data

There is a serialization of Untrusted Data vulnerability in Apache Jackrabbit Core and Apache Jackrabbit JCR Commons. This issue affects Apache Jackrabbit Core: from 1.0.0 through 2.22.1; Apache Jackrabbit JCR Commons: from 1.0.0 through 2.22.1. Deployments that accept JNDI URIs for JCR lookup fr...

6.5CVSS6.3AI score0.01286EPSS
Exploits0References6
NVD
NVD
added 2025/09/08 9:15 a.m.15 views

CVE-2025-58782

Deserialization of Untrusted Data vulnerability in Apache Jackrabbit Core and Apache Jackrabbit JCR Commons. This issue affects Apache Jackrabbit Core: from 1.0.0 through 2.22.1; Apache Jackrabbit JCR Commons: from 1.0.0 through 2.22.1. Deployments that accept JNDI URIs for JCR lookup from...

6.5CVSS0.01286EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/07/16 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-24847

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The GeoServer security mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. The same can...

7.2CVSS6AI score0.01465EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2020/11/11 7:53 a.m.41 views

Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind

CVE-2020-8840 Analysis and reproduction of the Jackson-databin...

9.8CVSS7.7AI score0.26587EPSS
Exploits5
Rows per page
Query Builder