pkg:maven/org.apache.archiva/archiva
Type
maven
Namespace
org.apache.archiva
Name
archiva
Known advisories, vulnerabilities and fixes for org.apache.archiva/archiva package.
High
1
Moderate
8
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 2.2.8 |
CVE-2022-29405
|
MAVEN:GHSA-5HQC-X78W-3CMW | Missing Authorization in Apache Archiva | moderate |
2022-05-26T00:01:31
(2 years ago) |
|
Fixed | = 2.2.8 |
CVE-2022-29405
|
MAVEN:GHSA-5HQC-X78W-3CMW | Missing Authorization in Apache Archiva | moderate |
2022-05-26T00:01:31
(2 years ago) |
|
Affected | < 2.2.1 |
CVE-2016-5005
|
MAVEN:GHSA-8JFM-RGMG-3WQ2 | Apache Archiva vulnerable to Cross-site Scripting | moderate |
2022-05-14T01:09:51
(2 years ago) |
|
Fixed | = 2.2.1 |
CVE-2016-5005
|
MAVEN:GHSA-8JFM-RGMG-3WQ2 | Apache Archiva vulnerable to Cross-site Scripting | moderate |
2022-05-14T01:09:51
(2 years ago) |
|
Affected | < 2.2.4 |
CVE-2019-0213
|
MAVEN:GHSA-CQCF-4G4H-RGHF | Cross-site scripting in Apache Archiva | moderate |
2019-05-14T04:00:31
(5 years ago) |
|
Fixed | = 2.2.4 |
CVE-2019-0213
|
MAVEN:GHSA-CQCF-4G4H-RGHF | Cross-site scripting in Apache Archiva | moderate |
2019-05-14T04:00:31
(5 years ago) |
|
Affected | >= 2.0.0, <= 2.2.10 |
CVE-2024-27139
|
MAVEN:GHSA-H595-VWHC-3XWX | Apache Archiva Incorrect Authorization vulnerability | moderate |
2024-03-01T18:30:23
(6 months ago) |
|
Affected | < 2.2.3 |
CVE-2017-5657
|
MAVEN:GHSA-HF4P-MHC8-X2GP | Apache Archiva vulnerable to Cross Site Request Forgery | high |
2022-05-14T01:09:51
(2 years ago) |
|
Fixed | = 2.2.3 |
CVE-2017-5657
|
MAVEN:GHSA-HF4P-MHC8-X2GP | Apache Archiva vulnerable to Cross Site Request Forgery | high |
2022-05-14T01:09:51
(2 years ago) |
|
Affected | >= 2.2.0, < 2.2.4 |
CVE-2019-0214
|
MAVEN:GHSA-JXGM-9F58-W4XP | Improper Input Validation in Apache Archiva | moderate |
2019-05-14T04:00:21
(5 years ago) |
|
Fixed | = 2.2.4 |
CVE-2019-0214
|
MAVEN:GHSA-JXGM-9F58-W4XP | Improper Input Validation in Apache Archiva | moderate |
2019-05-14T04:00:21
(5 years ago) |
|
Affected | >= 2.0.0, < 2.2.10 |
CVE-2023-28158
|
MAVEN:GHSA-QF34-F43R-GV9P | Apache Archiva vulnerable to privilege escalation via stored cross-site scripting (XSS) | moderate |
2023-03-29T15:30:17
(17 months ago) |
|
Fixed | = 2.2.10 |
CVE-2023-28158
|
MAVEN:GHSA-QF34-F43R-GV9P | Apache Archiva vulnerable to privilege escalation via stored cross-site scripting (XSS) | moderate |
2023-03-29T15:30:17
(17 months ago) |
|
Affected | <= 2.2.10 |
CVE-2024-27138
|
MAVEN:GHSA-RV4H-M4WC-V99W | Apache Archiva Incorrect Authorization vulnerability | moderate |
2024-03-01T18:30:23
(6 months ago) |
|
Affected | < 2.2.5 |
CVE-2020-9495
|
MAVEN:GHSA-V83P-XWM9-V4G8 | Injection in Apache Archiva | moderate |
2022-02-10T23:06:22
(2 years ago) |
|
Fixed | = 2.2.5 |
CVE-2020-9495
|
MAVEN:GHSA-V83P-XWM9-V4G8 | Injection in Apache Archiva | moderate |
2022-02-10T23:06:22
(2 years ago) |