Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2018/10/18 4:57 p.m.7 views

org.apache.cxf.fediz.examples:jaxrsSpringSecurityWebapp (>=1.3.0 <=1.3.2), org.apache.cxf.fediz.examples:springPreauthWebapp (>=1.1.0 <=1.3.2) +6 more potentially affected by CVE-2017-12631 via org.apache.cxf.fediz:fediz-spring (>=1.1.0 <=1.3.2)

org.apache.cxf.fediz:fediz-spring MAVEN version =1.1.0, =1.3.0, =1.1.0, =1.1.0, =1.2.0, =1.2.0, =1.1.0, =1.1.0, =1.1.0, =1.3.2 Source cves: CVE-2017-12631 Source advisory: OSV:GHSA-FV7X-4HPC-HF9F...

8.8CVSS7.2AI score0.01609EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2018/10/18 4:57 p.m.5 views

org.apache.cxf.fediz.systests.webapps:fediz-systests-webapps-spring3 (>=1.4.0 <=1.4.2), org.apache.cxf.fediz:apache-fediz (>=1.4.1 <=1.4.2) potentially affected by CVE-2017-12631 via org.apache.cxf.fediz:fediz-spring3 (>=1.4.0 <=1.4.2)

org.apache.cxf.fediz:fediz-spring3 MAVEN version =1.4.0, =1.4.0, =1.4.1, =1.4.2 Source cves: CVE-2017-12631 Source advisory: OSV:GHSA-FV7X-4HPC-HF9F...

8.8CVSS7.2AI score0.01609EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2018/10/18 4:57 p.m.6 views

org.apache.cxf.fediz.examples:spring2Webapp (>=1.4.0 <=1.4.2), org.apache.cxf.fediz.systests.webapps:fediz-systests-webapps-spring2 (>=1.4.0 <=1.4.2) +1 more potentially affected by CVE-2017-12631 via org.apache.cxf.fediz:fediz-spring2 (>=1.4.0 <=1.4.2)

org.apache.cxf.fediz:fediz-spring2 MAVEN version =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.2 Source cves: CVE-2017-12631 Source advisory: OSV:GHSA-FV7X-4HPC-HF9F...

8.8CVSS7.2AI score0.01609EPSS
Exploits3
CVE
CVE
added 2017/11/30 2:0 p.m.79 views

CVE-2017-12631

CVE-2017-12631 affects Apache CXF Fediz WS-Federation plugins (Spring 2, 3, 4). The root cause is a CSRF vulnerability that can cause a security context to be established using a malicious client’s roles for the end user. Affected components are the Fediz Spring plugins in versions before 1.4.3 a...

8.8CVSS8.6AI score0.01609EPSS
Exploits3References9Affected Software1
Rows per page
Query Builder