CPE-D27670D1-3586-4D13-9C67-CE42F81E8809 Detail

CPE Details

Apache Software Foundation Archiva 2.2.5

Vendor

apache

Product

archiva

Version

2.2.5

Created

2020-06-24
15h13 +00:00

Modified

2020-06-24
15h13 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:apache:archiva:2.2.5:::::::*

Informations

Vendor

apache

Product

archiva

Version

2.2.5

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-28158	2023-03-29 12h21 +00:00	Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.	6.5	Medium
CVE-2022-40308	2022-11-14 23h00 +00:00	If anonymous read enabled, it's possible to read the database file directly without logging in.	7.5	High
CVE-2022-40309	2022-11-14 23h00 +00:00	Users with write permissions to a repository can delete arbitrary directories.	4.3	Medium
CVE-2022-29405	2022-05-25 05h15 +00:00	In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8	6.5	Medium

Apache Software Foundation Archiva 2.2.5

CPE Details

CPE Name: cpe:2.3:a:apache:archiva:2.2.5:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:apache:archiva:2.2.5:::::::*