oss-sec mailing list archives
CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories
From: Olivier Lamy <olamy () apache org>
Date: Tue, 15 Nov 2022 11:35:59 +0000
Description: Users with write permissions to a repository can delete arbitrary directories. Credit: Thanks to L3yx of Syclover Security Team
Current thread:
- CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories Olivier Lamy (Nov 15)