Maven package
org.apache.jackrabbit/oak-core
pkg:maven/org.apache.jackrabbit/oak-core
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-1940 | — | >= 1.12.0, < 1.24.0 | 1.24.0 | Jan 28, 2020 | The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials |
- CVE-2020-1940Jan 28, 2020affected >= 1.12.0, < 1.24.0fixed 1.24.0
The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials