All 11 CVE vulnerabilities found in Apache Archiva, with AI-generated Chinese analysis, references, and POCs.
Vendor: Apache Software Foundation
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-27138 | Apache Archiva: disabling user registration is not effective CWE-863 | 7.5 | - | 2024-03-01 |
| CVE-2024-27139 | Apache Archiva: incorrect authentication potentially leading to account takeover CWE-863 | 9.1 | - | 2024-03-01 |
| CVE-2024-27140 | Apache Archiva: reflected XSS CWE-79 | 6.1 | - | 2024-03-01 |
| CVE-2023-28158 | Apache Archiva privilege escalation CWE-79 | 6.5 | Medium | 2023-03-29 |
| CVE-2022-40308 | Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files | 7.5 | - | 2022-11-15 |
| CVE-2022-40309 | Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories | 4.3 | - | 2022-11-15 |
| CVE-2022-29405 | Apache Archiva Arbitrary user password reset vulnerability | 8.1 | - | 2022-05-25 |
| CVE-2020-9495 | Apache Archiva 注入漏洞 | 4.3 | - | 2020-06-19 |
| CVE-2019-0214 | Apache Archiva 输入验证错误漏洞 | 6.5 | - | 2019-04-30 |
| CVE-2019-0213 | Apache Archiva 跨站脚本漏洞 | 4.1 | - | 2019-04-30 |
| CVE-2017-5657 | Apache Archiva 跨站请求伪造漏洞 | 8.8 | - | 2017-05-22 |
All 11 known CVE vulnerabilities affecting Apache Archiva with full Chinese analysis, references, and POCs where available.