EUVD-2026-36402

A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's assumption that accepted Content-Type or protected HTTP-header metadata came from a verified...

EUVD-2012-4780

Malware in sbrugna...

Apache CXF 安全漏洞

Apache CXF is an open source Web services framework from the US Apache Apache Foundation. The framework supports a variety of Web service standards, a variety of front-end programming APIs, and so on. A security vulnerability exists in Apache CXF that stems from allowing the use of RMI or LDAP UR...

Apache CXF 资源管理错误漏洞

Apache CXF is an open source Web services framework from the US Apache Apache Foundation. The framework supports a variety of Web service standards, a variety of front-end programming APIs and so on. A security vulnerability exists in Apache CXF that stems from improper handling of temporary file...

The vulnerability of the Apache WSS4J software lies in its authentication process’s flaws, which allow attackers to bypass the authentication process.

The vulnerability of the Apache WSS4J software framework and the Apache CXF framework for web services is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process...

Mageia: Security Advisory (MGASA-2014-0001)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache CXF Cross-Site Scripting Vulnerability (CNVD-2020-66585)

Apache CXF is the United States Apache Apache Software Foundation of an open source Web services framework. The framework supports a variety of Web services standards , a variety of front-end programming APIs. A cross-site scripting vulnerability exists in Apache CXF version 3.4.1 and all version...

Apache CXF Fediz Security Bypass Vulnerability

Apache CXF is the United States Apache Apache Software Foundation of an open source Web services framework. The framework supports a variety of Web services standards , a variety of front-end programming APIs , etc. Apache CXF Fediz is one of the subprojects , mainly used to provide authenticatio...

Apache CXF Denial of Service Vulnerabilities Patched

The Apache Software Foundation has patched a denial of service vulnerability in the XML parser of the Apache CXF Web services framework. Researchers, Andreas Falkenberg from Sec Consult Vulnerability Labs, and Christian Mainka, Juraj Somorovsky, and Joerg Schwenk from Ruhr-University Bochum,...

CVE-2012-4855

Unspecified vulnerability in the web services framework in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to cause a denial of service login outage via unknown vectors...