Apache Software Foundation Apache Jackrabbit Jcr Commons vulnerabilities

1 known vulnerability affecting apache_software_foundation/apache_jackrabbit_jcr_commons.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-58782MEDIUMCVSS 6.5≥ 1.0.0, ≤ 2.22.12025-09-08
CVE-2025-58782 [MEDIUM] CWE-502 CVE-2025-58782: Deserialization of Untrusted Data vulnerability in Apache Jackrabbit Core and Apache Jackrabbit JCR Deserialization of Untrusted Data vulnerability in Apache Jackrabbit Core and Apache Jackrabbit JCR Commons. This issue affects Apache Jackrabbit Core: from 1.0.0 through 2.22.1; Apache Jackrabbit JCR Commons: from 1.0.0 through 2.22.1. Deployments that accept JNDI URIs for JCR lookup from untrusted users allows them to inject malicious JNDI refere
cvelistv5nvd