CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection
Severity: Medium
Vendor:
The Apache Software Foundation
Versions Affected:
Apache Archiva all versions before 2.2.5
By providing special values to the archiva login form a attacker is able to
retrieve user
The Apache Archiva team is pleased to announce the release of
Archiva 2.2.5
Archiva is available for download from the web site.
http://archiva.apache.org/download.cgi
Archiva is an application for managing one or more remote
repositories, including administration, artifact handling,
[this newsletter is available online at https://s.apache.org/a97rx ]
Happy Friday! Let's take a look at what the Apache community has been
up to over the past week:
ASF Board – management and oversight of the business affairs of the
corporation in accordance with the Foundation's bylaws.
- Next
The Apache Pulsar team is proud to announce Apache Pulsar version 2.6.0.
Pulsar is a highly scalable, low latency messaging platform running on
commodity hardware. It provides simple pub-sub semantics over topics,
guaranteed at-least-once delivery of messages, automatic cursor management
for