CVE-2022-40308
published 2022-11-15CVE-2022-40308: If anonymous read enabled, it's possible to read the database file directly without logging in.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
If anonymous read enabled, it's possible to read the database file directly without logging in.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | archiva | < 2.2.9 | 2.2.9 |
| apache_software_foundation | apache_archiva | Apache Archiva – 2.2.8 | — |