pkg:Maven/org.apache.archiva:archiva

All known vulnerabilities

• HIGH8.0CVE-2017-5657Apache Archiva vulnerable to Cross Site Request Forgery
  from 0, < 2.2.3
• HIGH7.5CVE-2024-27139Apache Archiva Incorrect Authorization vulnerability
  >= 2.0.0, <= 2.2.10
• HIGH7.5CVE-2024-27138Apache Archiva Incorrect Authorization vulnerability
  from 0, <= 2.2.10
• MEDIUM6.5Apache Archiva vulnerable to privilege escalation via stored cross-site scripting (XSS)
  >= 2.0.0, < 2.2.10
• MEDIUM6.5Missing Authorization in Apache Archiva
  from 0, < 2.2.8
• MEDIUM6.5Cross-site scripting in Apache Archiva
  from 0, < 2.2.4
• MEDIUM6.5Improper Input Validation in Apache Archiva
  >= 2.2.0, < 2.2.4
• MEDIUM5.3Injection in Apache Archiva
  from 0, < 2.2.5
• MEDIUM4.8Apache Archiva vulnerable to Cross-site Scripting
  from 0, < 2.2.1
• —Apache Continuum and Archiva vulnerable to Cross-site Scripting
  >= 1.0, < 1.3.4
• —Apache Archiva does not require entry of the administrator's password at the time of modifying a user account
  >= 1.0, < 1.3.2