Lucene search
ApacheCVELIST:CVE-2022-46364HistoryDec 13, 2022 - 4:20 p.m.
CVE-2022-46364 Apache CXF SSRF Vulnerability
2022-12-1316:20:26
CWE-918
apache
www.cve.org
apache cxf
ssrf
mtom requests
A SSRF vulnerability in parsing theย href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache CXF",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "3.5.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.4.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2022-46364
2022-12-13 17:15:17
Apache CXF Server-Side Request Forgery vulnerability
2022-12-13 18:30:26
cve
cve
CVE-2022-46364
2022-12-13 17:15:17
ibm
ibm
prion
prion
Server side request forgery (ssrf)
2022-12-13 17:15:00
veracode
veracode
Server-side Request Forgery (SSRF)
2022-12-14 02:50:22
nessus
nessus
Oracle Business Intelligence Publisher (OBIEE) (July 2023 CPU)
2023-07-21 00:00:00
Zimbra Collaboration Server 9.0.0 < 9.0.0 Patch 33 Multiple Vulnerabilities
2023-07-20 00:00:00
nvd
nvd
CVE-2022-46364
2022-12-13 17:15:17
redhat
redhat
redhatcve
redhatcve
CVE-2022-46364
2022-12-21 22:01:38
github
github
Apache CXF Server-Side Request Forgery vulnerability
2022-12-13 18:30:26
qualysblog
qualysblog
Oracle Patch Tuesday April 2023 Security Update Review
2023-04-19 11:47:21
Oracle Patch Tuesday, July 2023 Security Update Review
2023-07-19 15:56:06
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00