Apache软件基金会近日披露了Apache Jackrabbit Core和JCR ...

近日，Apache软件基金会披露了Apache Jackrabbit Core和 JCR Commons组件中一个重要的安全漏洞，编号为 CVE-2025-58782。该漏洞影响了从 1.0.0 到 2.22.1 版本的 Jackrabbit，当系统使用 JndiRepositoryFactory时，可能引发 JNDI（Java命名和目录接口）注入风险。这一消息迅速引发了业界对 Apache Ja ...

You've heard of SQL injection, but HPE has new research into Java server injection flaws that could represent an entirely new attack surface.

JNDI, the Java Naming and Directory Interface, allows applications to access various naming and directory services via a common interface. The figure below shows the JNDI architecture. Like JDBC ...

JFrog explained that the Java Naming and Directory Interface (JNDI) is an API that provides naming and directory functionality for Java applications. H2 is a widely-used open-source Java SQL ...