4 matches found
CXF: directory listing / code exfiltration
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to ...
CXF: directory listing / code exfiltration
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to ...
Path Traversal
cxf-rt-transports-http is vulnerable to Path Traversal. The vulnerability exists in the handleRequest function of AbstractHTTPServlet.java when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes, allowing an attacker to access any path on the syst...
GHSA-3W37-5P3P-JV92 Apache CXF vulnerable to Exposure of Sensitive Information
A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes...