Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache jackrabbit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37895
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows malicious user to remotely execute code via RMIVersions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contain...
Apache Jackrabbit
445
VMScore
CVE-2020-1940
The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials ...
Apache Jackrabbit Oak
606
VMScore
CVE-2016-6801
Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x prior to 2.4.6, 2.6.x prior to 2.6.6, 2.8.x prior to 2.8.3, 2.10.x prior to 2.10.4, 2.12.x prior to 2.12.4, and 2.13.x prior to 2.13.3 allows remote mali...
Apache Jackrabbit 2.13.0
Apache Jackrabbit 2.12.2
Apache Jackrabbit 2.10.1
Apache Jackrabbit 2.8.2
Apache Jackrabbit 2.6.4
Apache Jackrabbit 2.6.1
Apache Jackrabbit 2.13.2
Apache Jackrabbit 2.4.5
Apache Jackrabbit 2.4.4
Apache Jackrabbit 2.4.3
Apache Jackrabbit 2.4.2
Apache Jackrabbit 2.12.1
Apache Jackrabbit 2.12.0
Apache Jackrabbit 2.10.3
Apache Jackrabbit 2.10.2
Apache Jackrabbit 2.6.0
Apache Jackrabbit 2.4.1
Apache Jackrabbit 2.8.0
Apache Jackrabbit 2.4.0
Apache Jackrabbit 2.13.1
Apache Jackrabbit 2.12.3
Apache Jackrabbit 2.10.0
646
VMScore
CVE-2015-1833
XML external entity (XXE) vulnerability in Apache Jackrabbit prior to 2.0.6, 2.2.x prior to 2.2.14, 2.4.x prior to 2.4.6, 2.6.x prior to 2.6.6, 2.8.x prior to 2.8.1, and 2.10.x prior to 2.10.1 allows remote malicious users to read arbitrary files and send requests to intranet ser...
Apache Jackrabbit 2.2.10
Apache Jackrabbit 2.2.9
Apache Jackrabbit 2.2.0
Apache Jackrabbit 2.4.5
Apache Jackrabbit 2.6.4
Apache Jackrabbit 2.6.3
Apache Jackrabbit
Apache Jackrabbit 2.2.13
Apache Jackrabbit 2.2.5
Apache Jackrabbit 2.2.4
Apache Jackrabbit 2.4.2
Apache Jackrabbit 2.4.1
Apache Jackrabbit 2.8.0
Apache Jackrabbit 2.10.0
Apache Jackrabbit 2.2.12
Apache Jackrabbit 2.2.11
Apache Jackrabbit 2.2.2
Apache Jackrabbit 2.2.1
Apache Jackrabbit 2.4.0
Apache Jackrabbit 2.6.5
Apache Jackrabbit 2.2.8
Apache Jackrabbit 2.2.7
1 EDB exploit
4 Github repositories
440
VMScore
CVE-2009-0026
Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit prior to 1.5.2 allow remote malicious users to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
Apache Jackrabbit 1.4
Apache Jackrabbit 1.5.0
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started