UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF This issue affects Apache Axis: through 1.3. As Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java. Alternatively you could use a build of Axis with the patch from https://github.com/apache/axis-axis1-java/commit/685c309febc64aa393b2d64a05f90e7eb9f73e06 applied. The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are welcome.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | axis | <= 1.4-28+deb12u1 | axis_1.4-28+deb12u1_all.deb |
Debian | 11 | all | axis | <= 1.4-28+deb11u1 | axis_1.4-28+deb11u1_all.deb |
Debian | 10 | all | axis | <= 1.4-28 | axis_1.4-28_all.deb |
Debian | 999 | all | axis | <= 1.4-29 | axis_1.4-29_all.deb |
Debian | 13 | all | axis | <= 1.4-29 | axis_1.4-29_all.deb |