CNNVD-202507-1806 Information

CNNVD ID

CNNVD-202507-1806

Related CVE

CVE-2025-53689

• CNNVD Published: 2025-07-14

Description (Chinese)

Apache Jackrabbit是美国阿帕奇（Apache）公司的一个内容存储库。 Apache Jackrabbit 2.23.2之前版本存在安全漏洞，该漏洞源于jackrabbit-spi-commons和jackrabbit-core存在盲XXE漏洞。

Description (English)

Apache Jackrabbit is a content repository of Apache Corporation in the United States. A security loophole existed in the pre-Apache Jackrabbit 2.23.2 version, which originated from the blind XXE loophole in Jackrabbit-spi-commons and Jackrabbit-core.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-07-14

Last Modified

2026-02-24

References

https://lists.apache.org/thread/5pf9n76ny13pzzk765og2h3gxdxw7p24 https://access.redhat.com/security/cve/cve-2025-53689

Patch

https://jackrabbit.apache.org/jcr/index.html