Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.12 views

CVE-2026-44618

Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

5.3CVSS5.4AI score0.00338EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/22 3:47 p.m.9 views

org.apache.cxf:apache-cxf (=4.2.0), org.apache.cxf:cxf-distribution-javadoc (=4.2.0) potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (=4.2.0)

org.apache.cxf:cxf-rt-ws-transfer MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-rt-ws-transfer and may be impacted: - org.apache.cxf:apache-cxf =4.2.0 - org.apache.cxf:cxf-distribution-javadoc =4.2.0 Source cve...

5.3CVSS5.4AI score0.00338EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/22 12:17 p.m.42 views

CVE-2026-44618 Apache CXF: XXE vulnerability in WS-Transfer functionality

Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

0.00338EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/22 12:17 p.m.18 views

CVE-2026-44618 Apache CXF: XXE vulnerability in WS-Transfer functionality

Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

5.7AI score0.00338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:17 p.m.10 views

CVE-2026-44618

Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

5.3CVSS5.7AI score0.00338EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.16 views

PT-2026-42754

Name of the Vulnerable Software and Affected Versions Apache CXF versions prior to 4.2.1 Apache CXF versions prior to 4.1.6 Apache CXF versions prior to 3.6.11 Description Insecure XML parser configuration in the WS-Transfer module may allow attackers to perform XML External Entity XXE attacks. X...

5.3CVSS5.8AI score0.00338EPSS
Exploits0References7
Rows per page
Query Builder