CVE-2023-37895 | Apache Jackrabbit up to 2.20.10/2.21.17 deserialization

A vulnerability classified as critical has been found in Apache Jackrabbit up to 2.20.10/2.21.17. Affected is an unknown function. The manipulation leads to deserialization.

This vulnerability is traded as CVE-2023-37895. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.