CVE-2022-40308
Improper Access Control in maven/org.apache.archiva/archiva-webapp
Identifiers
CVE-2022-40308
Package Slug
maven/org.apache.archiva/archiva-webapp
Vulnerability
Improper Access Control
Description
If anonymous read enabled, it's possible to read the database file directly without logging in.
Affected Versions
All versions before 2.2.9
Solution
Upgrade to version 2.2.9 or above.
Last Modified
2022-11-18
| source |