Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that returned when the session does not have permissions to the root node, which allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Sling ‘deepGetOrCreateNode()’函数拒绝服务漏洞
Vulnerability Description
Apache Sling是美国阿帕奇(Apache)软件基金会的一套用于Java平台上的开源Web框架。该框架可在JCR内容库(Java Content Repository)上创建面向内容的应用。 Apache Sling中的org.apache.sling.servlets.post.bundle 2.2.0和2.3.0版本中的impl/operations/AbstractCreateOperation.java文件中的deepGetOrCreateNode函数中存在拒绝服务漏洞,该漏洞源于程序没有
CVSS Information
N/A
Vulnerability Type
N/A