CVE-2023-37895 Information

Description

Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component ## Reference https://lists.apache.org/list.html?users@jackrabbit.apache.org http://www.openwall.com/lists/oss-security/2023/07/25/8 https://lists.apache.org/thread/j03b3qdhborc2jrhdc4d765d3jkh8bfw Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component