Date: Mon, 20 Mar 2023 12:11:45 +0000 From: Radu Cotescu <radu@...che.org> To: announce@...che.org, users@...ng.apache.org, dev@...ng.apache.org, oss-security@...ts.openwall.com, security@...ng.apache.org Subject: CVE-2023-26513: Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS Description: Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2. This issue is being tracked as SLING-11776 Credit: Alex Collignon (reporter) References: https://sling.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-26513 https://issues.apache.org/jira/browse/SLING-11776
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.