Lucene search
HistoryJul 19, 2024 - 9:15 a.m.
CVE-2024-32007
cve-2024-32007
apache cxf jose
denial of service
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
27.0%
An improper input validation of theΒ p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9Β allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.
Affected configurations
Node
apachecxfRange<3.5.9
ORapachecxfRange3.6.0β3.6.4
ORapachecxfRange4.0.0β4.0.5
Related
osv
osv
Apache CXF Denial of Service vulnerability in JOSE
2024-07-19 09:32:06
CVE-2024-32007
2024-07-19 09:15:04
vulnrichment
vulnrichment
CVE-2024-32007 Apache CXF Denial of Service vulnerability in JOSE
2024-07-19 08:50:31
cvelist
cvelist
CVE-2024-32007 Apache CXF Denial of Service vulnerability in JOSE
2024-07-19 08:50:31
redhatcve
redhatcve
CVE-2024-32007
2024-07-23 09:17:37
github
github
Apache CXF Denial of Service vulnerability in JOSE
2024-07-19 09:32:06
veracode
veracode
Denial Of Service (DoS)
2024-07-21 13:53:04
atlassian
atlassian
cve
cve
CVE-2024-32007
2024-07-19 09:15:04
nessus
nessus
Apache CXF < 3.5.9, 3.6.x < 3.6.4, 4.0.x < 4.0.5 Multiple Vulnerabilities
2024-07-26 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
27.0%
Related for NVD:CVE-2024-32007