org.apache.sling:org.apache.sling.jcr.contentloader@2.1.0 vulnerabilities
-
latest version
2.6.0
-
latest non vulnerable version
-
first published
15 years ago
-
latest version published
a year ago
-
licenses detected
- [2.0.2-incubator,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.sling:org.apache.sling.jcr.contentloader package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.sling:org.apache.sling.jcr.contentloader is a framework for RESTful web-applications based on an extensible content tree. Affected versions of this package are vulnerable to Arbitrary File Import. The attacker may import arbitrary files in the content repository, including local files, causing potential information leaks. How to fix Arbitrary File Import? Upgrade |
[,2.1.6)
|