CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server
Severity: Medium
Vendor:
The Apache Software Foundation
Versions Affected:
Apache Archiva 2.0.0 - 2.2.3
The unsupported versions 1.x are also affected.
It is possible to write files to the archiva server at
CVE-2019-0213: Apache Archiva Stored XSS
Severity: Low
Vendor:
The Apache Software Foundation
Versions Affected:
Apache Archiva 2.0.0 - 2.2.3
The unsupported versions 1.x are also affected.
It may be possible to store malicious XSS code into central configuration
entries, i.e. the
The Apache Archiva team is pleased to announce the release of
Archiva 2.2.4.
Archiva is available for download from the web site.
Archiva is an application for managing one or more remote
repositories, including administration, artifact handling, browsing
and searching.
If you have any
Hi,
will be published in the next days.
But it's only a bugfix release. No new features.
Regards
Martin
Am 29. April 2019 21:25:33 MESZ schrieb "Mirabito, Massimo (Max)
(CDC/DDID/NCHHSTP/OD) (CTR)" :
>Dear All,
>
>We are running Archiva V2.2.3 on Windows. I just noticed that there is
>a