High severityNVD Advisory· Published Mar 20, 2023· Updated Feb 13, 2025
Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS
CVE-2023-26513
Description
Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.sling:org.apache.sling.resourcemergerMaven | >= 1.2.0, < 1.4.2 | 1.4.2 |
Affected products
2- Range: 1.2.0
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-rwrx-x2hw-9h5wghsaADVISORY
- lists.apache.org/thread/xpcpo1y88ldss5hgmvogsf6h3735l5zbghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-26513ghsaADVISORY
- issues.apache.org/jira/browse/SLING-11776ghsaWEB
News mentions
0No linked articles in our index yet.