Maven package
org.apache.sling/org.apache.sling.jcr.base
pkg:maven/org.apache.sling/org.apache.sling.jcr.base
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-25141 | — | < 3.1.12 | 3.1.12 | Feb 14, 2023 | Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a re |
- CVE-2023-25141Feb 14, 2023affected < 3.1.12fixed 3.1.12
Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a re