5 matches found
org.apache.cxf.fediz:apache-fediz (>=1.3.0 <=1.3.1) potentially affected by CVE-2017-7661 via org.apache.cxf.fediz:fediz-jetty9 (>=1.3.0 <=1.3.1)
org.apache.cxf.fediz:fediz-jetty9 MAVEN version =1.3.0, =1.3.0, =1.3.1 Source cves: CVE-2017-7661 Source advisory: OSV:GHSA-WHW7-H25V-9QVX...
org.apache.cxf.fediz.examples:spring2Webapp (>=1.3.0 <=1.3.1), org.apache.cxf.fediz.systests.webapps:fediz-systests-webapps-spring2 (>=1.3.0 <=1.3.1) +1 more potentially affected by CVE-2017-7661 via org.apache.cxf.fediz:fediz-spring2 (>=1.3.0 <=1.3.1)
org.apache.cxf.fediz:fediz-spring2 MAVEN version =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.3.1 Source cves: CVE-2017-7661 Source advisory: OSV:GHSA-WHW7-H25V-9QVX...
org.apache.cxf.fediz:apache-fediz (>=1.3.0 <=1.3.1) potentially affected by CVE-2017-7661 via org.apache.cxf.fediz:fediz-jetty8 (>=1.3.0 <=1.3.1)
org.apache.cxf.fediz:fediz-jetty8 MAVEN version =1.3.0, =1.3.0, =1.3.1 Source cves: CVE-2017-7661 Source advisory: OSV:GHSA-WHW7-H25V-9QVX...
org.apache.cxf.fediz.examples:spring2Webapp (>=1.1.0 <=1.2.3), org.apache.cxf.fediz.systests.webapps:fediz-systests-webapps-spring2 (>=1.2.0 <=1.2.3) +2 more potentially affected by CVE-2017-7661 via org.apache.cxf.fediz:fediz-spring2 (>=1.1.0 <=1.2.3)
org.apache.cxf.fediz:fediz-spring2 MAVEN version =1.1.0, =1.1.0, =1.2.0, =1.1.0, =1.1.0, =1.2.3 Source cves: CVE-2017-7661 Source advisory: OSV:GHSA-WHW7-H25V-9QVX...
CVE-2017-7661
CVE-2017-7661 affects Apache CXF Fediz container-specific WS-Federation plugins (Spring 2, Spring 3, Jetty 8, Jetty 9) in CXF Fediz prior to versions 1.4.0, 1.3.2, and 1.2.4. The issue is described as a CSRF‑style vulnerability. The connected documents confirm the affected plugins and versions bu...