[MAVEN:GHSA-H595-VWHC-3XWX] Apache Archiva Incorrect Authorization vulnerability
Severity
Moderate
Affected Packages
1
CVEs
1
** UNSUPPORTED WHEN ASSIGNED **
Incorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account data, potentially leading to account takeover.
This issue affects Apache Archiva: from 2.0.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Package | Affected Version |
---|---|
pkg:maven/org.apache.archiva/archiva | >= 2.0.0, <= 2.2.10 |
- ID
- MAVEN:GHSA-H595-VWHC-3XWX
- Severity
- moderate
- URL
- https://github.com/advisories/GHSA-h595-vwhc-3xwx
- Published
-
2024-03-01T18:30:23
(6 months ago) - Modified
-
2024-03-01T20:12:19
(6 months ago) - Rights
- Maven Security Team
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:maven/org.apache.archiva/archiva | org.apache.archiva | archiva | >= 2.0.0 <= 2.2.10 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |