Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache jackrabbit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37895
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows malicious user to remotely execute code via RMIVersions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contain...
Apache Jackrabbit
5
CVSSv2
CVE-2020-1940
The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials ...
Apache Jackrabbit Oak
6.8
CVSSv2
CVE-2016-6801
Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x prior to 2.4.6, 2.6.x prior to 2.6.6, 2.8.x prior to 2.8.3, 2.10.x prior to 2.10.4, 2.12.x prior to 2.12.4, and 2.13.x prior to 2.13.3 allows remote mali...
Apache Jackrabbit 2.13.0
Apache Jackrabbit 2.12.2
Apache Jackrabbit 2.10.1
Apache Jackrabbit 2.8.2
Apache Jackrabbit 2.6.4
Apache Jackrabbit 2.6.1
Apache Jackrabbit 2.13.2
Apache Jackrabbit 2.4.5
Apache Jackrabbit 2.4.4
Apache Jackrabbit 2.4.3
Apache Jackrabbit 2.4.2
Apache Jackrabbit 2.12.1
Apache Jackrabbit 2.12.0
Apache Jackrabbit 2.10.3
Apache Jackrabbit 2.10.2
Apache Jackrabbit 2.6.0
Apache Jackrabbit 2.4.1
Apache Jackrabbit 2.8.0
Apache Jackrabbit 2.4.0
Apache Jackrabbit 2.13.1
Apache Jackrabbit 2.12.3
Apache Jackrabbit 2.10.0
6.4
CVSSv2
CVE-2015-1833
XML external entity (XXE) vulnerability in Apache Jackrabbit prior to 2.0.6, 2.2.x prior to 2.2.14, 2.4.x prior to 2.4.6, 2.6.x prior to 2.6.6, 2.8.x prior to 2.8.1, and 2.10.x prior to 2.10.1 allows remote malicious users to read arbitrary files and send requests to intranet ser...
Apache Jackrabbit 2.2.10
Apache Jackrabbit 2.2.9
Apache Jackrabbit 2.2.0
Apache Jackrabbit 2.4.5
Apache Jackrabbit 2.6.4
Apache Jackrabbit 2.6.3
Apache Jackrabbit
Apache Jackrabbit 2.2.13
Apache Jackrabbit 2.2.5
Apache Jackrabbit 2.2.4
Apache Jackrabbit 2.4.2
Apache Jackrabbit 2.4.1
Apache Jackrabbit 2.8.0
Apache Jackrabbit 2.10.0
Apache Jackrabbit 2.2.12
Apache Jackrabbit 2.2.11
Apache Jackrabbit 2.2.2
Apache Jackrabbit 2.2.1
Apache Jackrabbit 2.4.0
Apache Jackrabbit 2.6.5
Apache Jackrabbit 2.2.8
Apache Jackrabbit 2.2.7
1 EDB exploit
4 Github repositories
4.3
CVSSv2
CVE-2009-0026
Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit prior to 1.5.2 allow remote malicious users to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
Apache Jackrabbit 1.4
Apache Jackrabbit 1.5.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started