9 matches found
com.fluxcorp.plugins:webservice-trigger (>=1.0.2 <=1.0.4), com.github.mkluas:web-admin (>=1.0.0 <=1.1.0) +66 more potentially affected by CVE-2014-0034 via org.apache.cxf:cxf-rt-ws-security (>=2.0.6 <=2.6.11)
org.apache.cxf:cxf-rt-ws-security MAVEN version =2.0.6, =1.0.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =4.0.3, =2.5.0, =2.5.0, =2.5.0, =2.1.7, =2.5.0, =2.6.11 and more Source cves: CVE-2014-0034 Source advisory: OSV:GHSA-38X2-FP9M-87MX...
br.com.esec.icpm:certillion-client-library (>=1.1.7 <=1.2.0), br.com.esec.icpm:certillion-client-library-resteasy-plugin (>=1.1.9 <=1.1.10) +59 more potentially affected by CVE-2014-0034 via org.apache.cxf:cxf-rt-ws-security (>=2.7.0 <=2.7.8)
org.apache.cxf:cxf-rt-ws-security MAVEN version =2.7.0, =1.1.7, =1.1.9, =1.2.5, =1.0, =0.6.49, =0.6.49, =1.0.1, =1.0.0, =1.0.0, =1.1, =2.11.0, =2.13.4 and more Source cves: CVE-2014-0034 Source advisory: OSV:GHSA-38X2-FP9M-87MX...
Security Bulletin: Multiple Apache Commons FileUpload vulnerabilities affects IBM Tivoli Business Service Manager (CVE-2014-0034, CVE-2014-0050, CVE-2013-2186, CVE-2016-3092)
Summary A vulnerability has been identified in the Apache Commons FileUpload shipped with IBM Tivoli Business Manager 6.2.0. Information about security vulnerabilities affecting Apache Commons FileUpload has been published in a security bulletin. Vulnerability Details CVEID: CVE-2014-0034...
Fedora Update for cxf-build-utils FEDORA-2015-4726
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for cxf-xjc-utils FEDORA-2015-4726
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for opensaml-java-xmltooling FEDORA-2015-4726
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : cxf-2.7.11-1.fc22 / cxf-build-utils-2.6.0-1.fc22 / cxf-xjc-utils-2.6.2-1.fc22 / etc (2015-4726)
CXF upgrade to 2.7.11. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
CVE-2014-0034
CVE-2014-0034 affects Apache CXF: the SecurityTokenService (STS) does not properly validate SAML tokens when caching is enabled, enabling a remote attacker to gain access with an invalid SAML token. Affected: CXF before 2.6.12 and 2.7.x before 2.7.9. Root cause: inadequate validation of SAML toke...
RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.2.4 update (Moderate) (RHSA-2014:0798)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0798 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. Apache CXF is an op...