12 matches found
org.apache.neethi: Apache Neethi: Denial of Service via circular policy references
A flaw was found in Apache Neethi. An attacker can exploit this vulnerability by crafting malicious WS-Policy documents that contain circular policy references. This can cause the policy normalization process to enter an infinite loop or excessive recursion, leading to a stack overflow or...
CVE-2026-42403
A flaw was found in Apache Neethi. An attacker can exploit this vulnerability by crafting malicious WS-Policy documents that contain circular policy references. This can cause the policy normalization process to enter an infinite loop or excessive recursion, leading to a stack overflow or...
Denial Of Service
Apache Neethi is vulnerable to Denial of Service.The vulnerability is due to improper handling of circular references during policy normalization, where recursive policy references are not detected, leading to infinite loops or excessive recursion that can cause stack overflow or application hang...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop when processing circular policy references. An attacker can cause denial of service by submitting malicious policy documents containing circular references. Remediation Upgrade org.apache.neethi:neethi to version 3.2.2 or...
Apache Neethi does not properly detect circular references in policy definitions.
Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...
GHSA-2HFH-9H53-QC24 Apache Neethi does not properly detect circular references in policy definitions.
Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...
CVE-2026-42403
Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...
EUVD-2026-26486
Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...
CVE-2026-42403
Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...
CVE-2026-42403 Apache Neethi: Circular Policy Reference Infinite Loop
Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...
CVE-2026-42403
Apache Neethi (CVE-2026-42403) can fail to detect circular WS-Policy references during policy normalization, causing infinite recursion or an infinite loop that may lead to stack overflow or application hang. An attacker can craft policy documents with circular references, resulting in Denial of ...
Apache Neethi 资源管理错误漏洞
Apache Neethi is a policy processing framework library developed by the Apache Foundation. There is a resource management vulnerability in Apache Neethi; this vulnerability stems from an improper detection of circular references in policy definitions. This can cause the policy normalization proce...