Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 1:17 p.m.31 views

Security Bulletin: IBM Sterling B2B Integrator B2B API vulnerable to multiple issues due to Apache CXF

Summary IBM Sterling B2B Integrator uses Apache CXF. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is...

9.8CVSS9.1AI score0.07024EPSS
Exploits6Affected Software1
RedHat Linux
RedHat Linux
added 2022/11/02 10:40 a.m.47 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.0 release and security update

Red Hat JBoss Web Server 5.7.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...

7.5CVSS6.7AI score0.07024EPSS
Exploits15References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/30 4:51 p.m.43 views

Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2021-22696

Summary IBM TRIRIGA Application Platform discloses CVE-2021-22696 Vulnerability Details CVEID:CVE-2021-22696 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by improper validation of requesturi parameter by the OAuth 2 authorization service. By sending a specially-crafted...

7.5CVSS7.3AI score0.06593EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/01 6:37 p.m.34 views

Security Bulletin: Apache CXF vulnerability identified in IBM Tivoli Application Dependency Discovery Manager (CVE-2021-22696)

Summary This security bulletin addresses the vulnerability in Open Source Apache CXF that affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2021-22696 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by improper validation of requestu...

7.5CVSS1.1AI score0.06593EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 5:2 a.m.58 views

Security Bulletin: Apache CXF Vulnerability Affects IBM Global Mailbox (CVE-2021-22696)

Summary Security vulnerability have been Identified In Apache CXF library shipped with IBM Global Mailbox. Vulnerability Details CVEID: CVE-2021-22696 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by improper validation of requesturi parameter by the OAuth 2 authorization...

7.5CVSS0.5AI score0.06593EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/13 10:31 p.m.3 views

com.treelogic-swe:aws-mock (=1.0), com.treelogic-swe:cxf-stub (=ec2-2013-02-01) potentially affected by CVE-2021-22696 via org.apache.cxf:apache-cxf (=2.7.5)

org.apache.cxf:apache-cxf MAVEN version =2.7.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:apache-cxf and may be impacted: - com.treelogic-swe:aws-mock =1.0 - com.treelogic-swe:cxf-stub =ec2-2013-02-01 Source cves: CVE-2021-22696...

7.5CVSS6.7AI score0.06593EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/05/13 10:31 p.m.7 views

com.kumuluz.ee:kumuluzee-jax-ws-cxf (>=2.6.0 <=3.12.2), net.kieker-monitoring:analysis (>=2.0.0 <=2.0.3) +1 more potentially affected by CVE-2021-22696 via org.apache.cxf:cxf (>=2.7.18 <=3.2.6)

org.apache.cxf:cxf MAVEN version =2.7.18, =2.6.0, =2.0.0, =2.0.3 - org.apache.nutch:nutch =1.10 Source cves: CVE-2021-22696 Source advisory: OSV:GHSA-7Q4H-PJ78-J7VG...

7.5CVSS6.7AI score0.06593EPSS
Exploits0
CVE
CVE
added 2021/04/02 10:5 a.m.255 views

CVE-2021-22696

CVE-2021-22696 affects Apache CXF where improper validation of the request_uri parameter in OAuth 2 flows allows a remote attacker to cause a denial of service on the authorization server. The issue occurs when a JWT-based request uses a request_uri to fetch the token, with insufficient validatio...

7.5CVSS7.4AI score0.06593EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder