Vulnerabilities > Apache > Jackrabbit > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-07-25 CVE-2023-37895 Unspecified vulnerability in Apache Jackrabbit
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for remote code execution over RMI. Users are advised to immediately update to versions 2.20.11 or 2.21.18.
network
low complexity
apache
critical
9.8