8 matches found

vulnersOsv
added 2022/05/13 1:9 a.m. | 8 views

ai.platon.pulsar:pulsar-persist (>=1.9.0 <=1.10.23), com.argonio.gora:gora-accumulo (>=0.5 <=0.5.1) +94 more potentially affected by CVE-2014-3584 via org.apache.cxf:cxf-rt-frontend-jaxrs (>=2.5.0 <=2.6.10)

org.apache.cxf:cxf-rt-frontend-jaxrs MAVEN version =2.5.0, =1.9.0, =0.5, =0.5, =0.5, =0.5, =0.5, =0.5, =0.5, =1.0.M1, =1.0.M1, =1.0.M2, =0.6.1, =0.9 and more Source cves: CVE-2014-3584 Source advisory: OSV:GHSA-GW5J-77F9-V2G2...

CVSS 5 | AI score 7.2 | EPSS 0.07177
Exploits 0

vulnersOsv
added 2022/05/13 1:9 a.m. | 5 views

com.argusoft:medplat_core (>=0.0.1 <=0.0.11), com.argusoft:medplat_lms (=0.0.1) +63 more potentially affected by CVE-2014-3584 via org.apache.cxf:cxf-rt-frontend-jaxrs (=3.0.0)

org.apache.cxf:cxf-rt-frontend-jaxrs MAVEN version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-rt-frontend-jaxrs and may be impacted: - com.argusoft:medplat_core =0.0.1, =0.1.0, =0.1.0, =0.0.6, =0.0.6, =0.0.6, =0.0.6, =0.0....

CVSS 5 | AI score 7.2 | EPSS 0.07177
Exploits 0

vulnersOsv
added 2022/05/13 1:9 a.m. | 7 views

com.github.livesense:org.liveSense.sample.webServiceServlet (>=1.0.3 <=1.0.5), com.github.livesense:org.liveSense.service.cxf (>=1.0.3 <=1.0.5) +286 more potentially affected by CVE-2014-3584 via org.apache.cxf:cxf-rt-frontend-jaxrs (>=2.7.0 <=2.7.7)

org.apache.cxf:cxf-rt-frontend-jaxrs MAVEN version =2.7.0, =1.0.3, =1.0.3, =1.5, =1.5, =1.5, =1.5, =0.2.0, =0.2.0, =1.0.0, =0.4.0, =0.4.1, =0.6.0 - com.treelogic-swe:aws-mock =1.0 and more Source cves: CVE-2014-3584 Source advisory: OSV:GHSA-GW5J-77F9-V2G2...

CVSS 5 | AI score 7.2 | EPSS 0.07177
Exploits 0

OpenVAS
added 2022/01/28 12:0 a.m. | 28 views

Mageia: Security Advisory (MGASA-2014-0557)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.8 | AI score 6.6 | EPSS 0.09149
Exploits 1 | References 7

IBM Security Bulletins
added 2018/06/16 10:2 p.m. | 54 views

Security Bulletin: IBM Security Guardium is affected by Using Components with Known vulnerabilities (multiple CVEs)

Summary IBM Security Guardium is affected by Using Components with Known vulnerabilities. IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID: CVE-2014-3584 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by the processing of SAML tokens received...

CVSS 10 | AI score 1.4 | EPSS 0.63029
Exploits 17 | Affected Software 1

Mageia
added 2014/12/31 12:28 p.m. | 69 views

Updated cxf packages fix security vulnerabilities

Updated cxf packages fix security vulnerabilities: An Apache CXF JAX-RS service can process SAML tokens received in the authorization header of a request via the SamlHeaderInHandler. However it is possible to cause an infinite loop in the parsing of this header by passing certain bad values for t...

CVSS 5.8 | AI score 7.3 | EPSS 0.09149
Exploits 1 | References 5

NVD
added 2014/10/30 2:55 p.m. | 33 views

CVE-2014-3584

The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service...

CVSS 5 | AI score 6.4 | EPSS 0.07177
Exploits 0 | References 11

CVE
added 2014/10/30 2:0 p.m. | 85 views

CVE-2014-3584

The vulnerability CVE-2014-3584 affects Apache CXF’s SamlHeaderInHandler. In CXF versions before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1, a crafted SAML token in the authorization header to a JAX-RS service can trigger an infinite loop, causing a denial of service. Remediation is to up...

CVSS 5 | AI score 6.8 | EPSS 0.07177
Exploits 0 | References 11 | Affected Software 1