CVE-2022-29405 is a vulnerability in Apache Archiva
Published on May 25, 2022

Apache Archiva Arbitrary user password reset vulnerability
In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8

NVD

Products Associated with CVE-2022-29405

Want to know whenever a new CVE is published for Apache Archiva? stack.watch will email you.

Apache Archiva

Affected Versions

Apache Software Foundation Apache Archiva:

Version 2.2, <= 2.2.7 is affected.

Exploit Probability

EPSS

1.30%

Percentile

79.49%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-29405 is a vulnerability in Apache ArchivaPublished on May 25, 2022

Products Associated with CVE-2022-29405

Affected Versions

Exploit Probability

CVE-2022-29405 is a vulnerability in Apache Archiva
Published on May 25, 2022