Lucene search
K

5 matches found

EUVD
EUVD
added 2026/06/11 5:4 a.m.8 views

EUVD-2026-36210

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS5.4AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 5:4 a.m.25 views

CVE-2026-41000 WSS4J validation does not use configured replay cache

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS0.00223EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.14 views

PT-2026-48623

Name of the Vulnerable Software and Affected Versions Spring Web Services versions 5.0.0 through 5.0.1 Spring Web Services versions 4.1.0 through 4.1.3 Spring Web Services versions 4.0.0 through 4.0.18 Spring Web Services versions 3.1.0 through 3.1.8 Description The Wss4jSecurityInterceptor faile...

3.7CVSS5.8AI score0.00223EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/10 12:0 a.m.8 views

Replay Attack

Overview Affected versions of this package are vulnerable to Replay Attack due to the Wss4jSecurityInterceptor class in Wss4jSecurityInterceptor.java not consistently wiring configured Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, replay protections...

6.3CVSS5.4AI score0.00223EPSS
Exploits0References2
Spring Security Advisories
Spring Security Advisories
added 2026/06/10 12:0 a.m.6 views

CVE-2026-41000: WSS4J validation does not use configured replay cache

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS5.8AI score0.00223EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder