Vulnerabilities > Apache > Sling JCR Base > 3.1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-14 | CVE-2023-25141 | Injection vulnerability in Apache Sling JCR Base Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. | 7.5 |