VYPR

Jackrabbit Oak

by Apache

CVEs (1)

  • CVE-2020-1940Jan 28, 2020
    risk 0.00cvss epss 0.05

    The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials…