cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-37895,https://securityvulnerability.io/vulnerability/CVE-2023-37895,Apache Jackrabbit RMI access can lead to RCE,"A Java object deserialization flaw exists in the Jackrabbit webapp/standalone, enabling attackers to remotely execute code via RMI using the vulnerable 'commons-beanutils' component. This threat affects versions up to 2.20.10 (stable) and 2.21.17 (unstable). Users are strongly advised to update to safer releases: 2.20.11 or 2.21.18. Additionally, deploying other components alongside Jackrabbit may expose servers to similar vulnerabilities. For enhanced security, RMI access should be disabled to mitigate these risks.",Apache,"Apache Jackrabbit Webapp (jackrabbit-webapp),Apache Jackrabbit Standalone (jackrabbit-standalone And Jackrabbit-standalone-components)",9.8,CRITICAL,0.017839999869465828,false,,false,false,false,,,false,false,,2023-07-25T15:15:00.000Z,0