2 matches found
Improper Validation of Specified Type of Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the DispatchMDBMessageListenerImpl method. An attacker can achieve arbitrary code execution by providing crafted values in the JCA deployment descriptor ra.xml or runtime activation...
CVE-2026-50633
The CVE-2026-50633 issue is a JNDI Injection vulnerability in Apache CXF’s JCA integration module (DispatchMDBMessageListenerImpl). The vulnerability allows code execution when an attacker can manipulate the JCA deployment descriptor (ra.xml) or runtime activation parameters. Affected software is...