Lucene search
K

57 matches found

CVE
CVE
added 2021/09/19 12:0 a.m.721 views

CVE-2021-40690

The CVE-2021-40690 issue affects Apache Santuario – XML Security for Java. All versions prior to 2.2.3 and 2.1.7 are vulnerable due to the "secureValidation" property not being passed when creating a KeyInfo from a KeyInfoReference element, enabling an XPath Transform abuse to extract local .xml ...

7.5CVSS7.4AI score0.10448EPSS
CVE
CVE
added 2022/12/13 4:20 p.m.450 views

CVE-2022-46364

CVE-2022-46364 describes an SSRF in Apache CXF when parsing the href attribute of XOP:Include in MTOM requests, affecting CXF versions before 3.5.5 and 3.4.10. The vulnerability enables SSRF-style attacks on webservices with at least one parameter. Remediation is to upgrade to CXF 3.5.5+ or 3.4.1...

9.8CVSS9.4AI score0.0193EPSS
CVE
CVE
added 2024/03/15 10:27 a.m.389 views

CVE-2024-28752

CVE-2024-28752 is a SSRF vulnerability in Apache CXF’s Aegis DataBinding. Affected CXF versions are those before 4.0.4, 3.6.3, and 3.5.8; the issue enables SSRF-style attacks on web services that take at least one parameter. Other data bindings (including default) are not impacted. Remediation: u...

9.3CVSS8.2AI score0.05849EPSS
CVE
CVE
added 2025/01/21 9:35 a.m.368 views

CVE-2025-23184

CVE-2025-23184 describes a potential denial-of-service in Apache CXF where CachedOutputStream instances may not be closed in edge cases, risking file-system exhaustion if backed by temporary files on servers or clients. Affected CXF versions are before 3.5.10, 3.6.5, and 4.0.6. The NVD/Apache-mod...

7.5CVSS5.6AI score0.01941EPSS
CVE
CVE
added 2022/12/13 2:46 p.m.348 views

CVE-2022-46363

CVE-2022-46363 involves Apache CXF. The vulnerability arises when CXFServlet is configured with both static-resources-list and redirect-query-check attributes, enabling remote directory listing or code exfiltration. Affected CXF versions are pre-3.5.5 and pre-3.4.10. The IBM security bulletin cor...

7.5CVSS8.4AI score0.01193EPSS
CVE
CVE
added 2021/06/16 12:0 p.m.257 views

CVE-2021-30468

CVE-2021-30468 is a denial-of-service issue in Apache CXF caused by an infinite loop in the JsonMapObjectReaderWriter. Connected IBM advisories confirm the vulnerability affects CXF usage in IBM products (e.g., Tivoli Network Manager IP Edition and IBM Security Guardium) and list the affected CXF...

7.5CVSS7.4AI score0.07024EPSS
CVE
CVE
added 2019/11/06 8:18 p.m.254 views

CVE-2019-12419

CVE-2019-12419 affects Apache CXF OpenId Connect token service prior to CXF 3.3.4 and 3.2.11, where the authenticated principal is not validated against the supplied clientId in the request. This could allow an attacker who obtained an authorization code for one client to exchange it for an acces...

9.8CVSS9.1AI score0.13836EPSS
CVE
CVE
added 2021/04/02 10:5 a.m.254 views

CVE-2021-22696

CVE-2021-22696 affects Apache CXF where improper validation of the request_uri parameter in OAuth 2 flows allows a remote attacker to cause a denial of service on the authorization server. The issue occurs when a JWT-based request uses a request_uri to fetch the token, with insufficient validatio...

7.5CVSS7.4AI score0.06593EPSS
CVE
CVE
added 2020/01/16 5:50 p.m.243 views

CVE-2019-17573

CVE-2019-17573 is an XSS vulnerability in Apache CXF affecting WebSphere Application Server Liberty’s WebSphere JAX-WS components via the CXF /services listing page. Public docs confirm the issue and cite the vulnerable surface as CXF’s endpoint listing, with exploitation potentially executing sc...

6.1CVSS5.7AI score0.07055EPSS
CVE
CVE
added 2019/11/06 8:7 p.m.222 views

CVE-2019-12406

CVE-2019-12406 describes a denial-of-service in Apache CXF where a message can include an excessive number of attachments. The fixed releases (CXF 3.3.4 and 3.2.11) enforce a default attachment limit of 50, configurable via the attachment-max-count property. IBM/materials reference CXF and note a...

6.5CVSS6.3AI score0.06257EPSS
CVE
CVE
added 2025/08/08 9:21 a.m.187 views

CVE-2025-48913

CVE-2025-48913 affects Apache CXF where untrusted users configuring JMS could exploit RMI/LDAP URLs to achieve code execution. The issue arises from CXF JMS configuration allowing unsafe protocols; the interface now rejects those protocols to remove the possibility of remote code execution. Publi...

9.8CVSS6.9AI score0.00739EPSS
CVE
CVE
added 2020/01/16 5:42 p.m.184 views

CVE-2019-12423

CVE-2019-12423 affects Apache CXF OpenId Connect JWK Keys service. When rs.security.keystore.type is set to “jwk”, the service may return all keys from the JWK file, potentially exposing private/secret key credentials if present, though newer CXF releases restrict to the key with the matching ali...

7.5CVSS7.2AI score0.0606EPSS
CVE
CVE
added 2018/07/02 1:0 p.m.181 views

CVE-2018-8039

CVE-2018-8039: Apache CXF could allow a remote attacker to conduct a man‑in‑the‑middle attack due to TLS hostname verification not working when using com.sun.net.ssl. In CXF versions prior to 3.2.5 and 3.1.16 the exception is not properly propagated, leaving clients vulnerable. IBM/Oracle/Red Hat...

8.1CVSS6.4AI score0.10394EPSS
CVE
CVE
added 2020/11/12 12:45 p.m.168 views

CVE-2020-13954

CVE-2020-13954 is an Apache CXF cross-site scripting (XSS) vulnerability exposed via the /services listing page. The issue arises from improper validation of user-supplied input through styleSheetPath, enabling an attacker to inject script when the URL is visited. Public documentation in the init...

6.1CVSS6.4AI score0.42993EPSS
CVE
CVE
added 2020/04/01 8:7 p.m.155 views

CVE-2020-1954

CVE-2020-1954 affects Apache CXF JMX integration; a MITM is possible if the createMBServerConnectorFactory setting on the InstrumentationManagerImpl is not disabled, allowing an on-host attacker to rebind the JMX registry and proxy traffic to access exchanged data. The issue is documented across ...

5.3CVSS5.3AI score0.06147EPSS
CVE
CVE
added 2024/07/19 8:50 a.m.155 views

CVE-2024-29736

CVE-2024-29736: Apache CXF WADL stylesheet SSRF. The issue arises from improper validation of the WADL stylesheet parameter, enabling SSRF against REST services when a custom stylesheet parameter is configured. Affected CXF versions are before 4.0.5, 3.6.4, and 3.5.9. Mitigation: upgrade CXF to 4...

9.1CVSS6.5AI score0.01029EPSS
CVE
CVE
added 2025/07/15 2:26 p.m.153 views

CVE-2025-48795

Apache CXF contains a memory-pressure vulnerability where large stream-based messages stored as temporary files are fully read into memory and logged, enabling potential DoS via out-of-memory when logs are written unencrypted. Fixes are available in CXF versions 3.5.11, 3.6.6, 4.0.7, and 4.1.1, w...

5.6CVSS6.3AI score0.00624EPSS
CVE
CVE
added 2017/11/14 4:0 p.m.138 views

CVE-2017-12624

CVE-2017-12624 affects Apache CXF JAX-WS/JAX-RS attachments. A crafted message attachment header can cause Denial of Service on CXF web services. From CXF 3.2.1 and 3.1.14, headers longer than 300 characters are rejected by default; this threshold is configurable via attachment-max-header-size.

5.5CVSS5.4AI score0.03697EPSS
CVE
CVE
added 2020/03/11 3:45 p.m.136 views

CVE-2011-2487

CVE-2011-2487 is referenced by GitHub advisory GHSA-vjwc-5HFH-2VV5, which notes that Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 leak information about decryption failures when decrypting an encrypted key or message data, making it easier to recover plaintext keys via crafted messages. The ...

5.9CVSS5.7AI score0.01756EPSS
CVE
CVE
added 2013/01/03 1:0 a.m.136 views

CVE-2012-2379

CVE-2012-2379 is tied to Apache CXF in the 2.4.x/2.5.x/2.6.x lines where a Supporting Token with a child WS-SecurityPolicy 1.1/1.2 policy may fail to ensure an XML element is signed or encrypted. The F5 advisory repository lists this CVE among multiple CXF/JBoss issues, reiterating the same under...

10CVSS5.8AI score0.04112EPSS
CVE
CVE
added 2024/07/19 8:50 a.m.126 views

CVE-2024-41172

CVE-2024-41172 affects Apache CXF: CXF's HTTP transports (HTTP client conduit) in CXF prior to 3.6.4 and 4.0.5 may fail to garbage collect HTTPClient instances, allowing memory usage to grow and potentially cause out-of-memory DoS. The placeholder indicates 3.5.x is not impacted. Public documents...

7.5CVSS6.5AI score0.01197EPSS
CVE
CVE
added 2013/08/19 11:0 p.m.122 views

CVE-2012-5575

CVE-2012-5575 affects Apache CXF: versions 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 do not verify that the chosen cryptographic algorithm is allowed by WS-SecurityPolicy AlgorithmSuite before decrypting, enabling an attacker to coerce the use of weaker algorithms an...

6.4CVSS5.7AI score0.06322EPSS
CVE
CVE
added 2014/07/07 2:0 p.m.118 views

CVE-2014-0034

CVE-2014-0034 affects Apache CXF: the SecurityTokenService (STS) does not properly validate SAML tokens when caching is enabled, enabling a remote attacker to gain access with an invalid SAML token. Affected: CXF before 2.6.12 and 2.7.x before 2.7.9. Root cause: inadequate validation of SAML toke...

4.3CVSS8.5AI score0.07405EPSS
CVE
CVE
added 2012/09/24 5:0 p.m.112 views

CVE-2012-3451

CVE-2012-3451 affects Apache CXF. Vulnerable versions: CXF 2.4.x before 2.4.9; 2.5.x before 2.5.5; 2.6.x before 2.6.2. An attacker can cause remote web-service operations to be executed by sending a SOAP Action header that is inconsistent with the message body. The impact is “remote execution of ...

4.3CVSS9.2AI score0.08882EPSS
CVE
CVE
added 2013/01/05 12:0 a.m.108 views

CVE-2012-2378

CVE-2012-2378 affects Apache CXF: versions 2.4.5–2.4.7, 2.5.1–2.5.3, and 2.6.x before 2.6.1. The issue is a flaw in enforcing WS-SecurityPolicy 1.1 SupportingToken child policies on the client side, allowing remote attackers to bypass the policies for AlgorithmSuite, SignedParts, SignedElements, ...

4.3CVSS9.2AI score0.03926EPSS
CVE
CVE
added 2017/04/18 4:0 p.m.108 views

CVE-2017-5653

CVE-2017-5653 affects Apache CXF JAX-RS XML Security streaming clients. The root cause is that these clients do not validate that the service response was signed or encrypted, enabling remote attackers to spoof servers. Affected: CXF versions prior to 3.1.11 and 3.0.13. Impact (per public records...

5.3CVSS5.4AI score0.11167EPSS
CVE
CVE
added 2017/08/10 6:0 p.m.107 views

CVE-2016-8739

CVE-2016-8739 affects the CXF JAX-RS Abdera-based Atom readers, which expand XML entities by default, enabling an XML External Entity (XXE) risk. Affected: Apache CXF JAX-RS before 3.0.12 and before 3.1.x before 3.1.9. Impact per sources: potential read of arbitrary files via crafted XML. Remedia...

7.8CVSS7.3AI score0.07317EPSS
CVE
CVE
added 2024/07/19 8:50 a.m.107 views

CVE-2024-32007

CVE-2024-32007 affects Apache CXF: improper input validation of the p2c parameter in JOSE code can allow a denial-of-service via a token with a large p2c. Affected branches include CXF 4.0.x (before 4.0.5) and older 3.6.x/3.5.x lines (3.6.4, 3.5.9). Mitigation is to upgrade to a fixed release (i....

7.5CVSS6.7AI score0.01269EPSS
CVE
CVE
added 2017/08/10 6:0 p.m.101 views

CVE-2017-3156

The CVE-2017-3156 issue concerns the OAuth2 Hawk and JOSE MAC validation in Apache CXF. The connected advisories identify a root cause: the MAC signature comparison is not performed in constant time, creating exposure to timing attacks. Affected CXF versions are before 3.0.13 and before 3.1.10 in...

7.5CVSS7.3AI score0.06315EPSS
CVE
CVE
added 2017/04/18 4:0 p.m.101 views

CVE-2017-5656

CVE-2017-5656 : Apache CXF’s STSClient (before 3.1.11 and 3.0.13) caches delegation-related tokens in a flawed way, enabling an attacker to craft a token that resolves to a cached token identifier belonging to another user. This can bypass security restrictions. The provided documents confirm the...

7.5CVSS7.3AI score0.06827EPSS
CVE
CVE
added 2013/03/12 10:0 p.m.100 views

CVE-2012-5633

The CVE-2012-5633 issue affects Apache CXF’s URIMappingInterceptor when paired with WSS4JInInterceptor. Versions affected are CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2. The vulnerability bypasses WS-Security processing, enabling remote attackers to bypass security and access SO...

5.8CVSS9.1AI score0.08157EPSS
CVE
CVE
added 2015/11/18 4:0 p.m.97 views

CVE-2015-5253

CVE-2015-5253 affects Apache CXF SAML Web SSO module: remote authenticated bypass via a crafted SAML response with a valid signed assertion, related to a wrapping attack. Affected versions include CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3. The vulnerability can bypass authenti...

4CVSS8AI score0.05696EPSS
CVE
CVE
added 2014/10/30 2:0 p.m.95 views

CVE-2014-3623

CVE-2014-3623 affects Apache WSS4J (used in Apache CXF) where, when configured with TransportBinding, it fails to properly enforce SAML SubjectConfirmation security semantics, enabling possible remote spoofing of web service endpoints. Affected versions: WSS4J before 1.6.17 and 2.x before 2.0.2 (...

5CVSS6.5AI score0.09224EPSS
CVE
CVE
added 2013/08/19 11:0 p.m.93 views

CVE-2013-2160

CVE-2013-2160 affects Apache CXF’s streaming XML parser. Versions affected: CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4. A crafted XML payload with a very large number of elements/attributes/nested constructs can cause denial of service through CPU and memory exhaustion. T...

5CVSS7AI score0.32259EPSS
CVE
CVE
added 2017/08/10 4:0 p.m.92 views

CVE-2016-6812

CVE-2016-6812 affects the HTTP transport module of Apache CXF. The issue arises when the service list page is generated using the calculated base URL; if the request URL contains unexpected matrix parameters, they may be echoed back in the service endpoint URLs, causing a reflected cross‑site scr...

6.1CVSS6.4AI score0.09193EPSS
CVE
CVE
added 2010/08/19 5:43 p.m.91 views

CVE-2010-2076

CVE-2010-2076 affects Apache CXF: versions 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9 used in various projects (ServiceMix, Camel, jUDDI, Geronimo, etc.). The issue is failure to reject DTDs in SOAP messages, enabling an attacker to read arbitrary files, make HTTP requests t...

9.8CVSS9.1AI score0.09788EPSS
CVE
CVE
added 2026/06/12 8:54 a.m.89 views

CVE-2026-49875

Apache CXF is affected by an XML External Entity (XXE) issue described as CVE-2026-49875. The vulnerability arises because EndpointReferenceUtils and W3CMultiSchemaFactory construct a SAXParserFactory without proper JAXP hardening, enabling out-of-band (OOB) external entity resolution. Affected c...

9.8CVSS5.3AI score0.00485EPSS
CVE
CVE
added 2013/03/12 10:0 p.m.86 views

CVE-2013-0239

CVE-2013-0239 affects Apache CXF: versions before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3. When plaintext UsernameToken WS-SecurityPolicy is enabled, a security header containing a UsernameToken element with no password can bypass authentication. This is an authentication bypass vulnera...

5CVSS9.4AI score0.04687EPSS
CVE
CVE
added 2014/10/30 2:0 p.m.85 views

CVE-2014-3584

The vulnerability CVE-2014-3584 affects Apache CXF’s SamlHeaderInHandler. In CXF versions before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1, a crafted SAML token in the authorization header to a JAX-RS service can trigger an infinite loop, causing a denial of service. Remediation is to up...

5CVSS6.8AI score0.07177EPSS
CVE
CVE
added 2014/05/08 2:0 p.m.82 views

CVE-2014-0109

CVE-2014-0109 (Apache CXF) affects CXF before 2.6.14 and 2.7.x before 2.7.11. The vulnerability allows a remote attacker to trigger a denial of service (memory exhaustion) by sending a large request with Content-Type: text/html to a SOAP endpoint, which triggers an error. The provided connected s...

4.3CVSS8.6AI score0.03644EPSS
CVE
CVE
added 2017/08/08 9:0 p.m.78 views

CVE-2012-0803

Apache CXF CVE-2012-0803 affects CXF 2.4.5 and 2.5.1 where WS-SP UsernameToken policy validation against the security header UsernameToken is broken, allowing a malicious client to bypass authentication by sending an empty UsernameToken in a SOAP request. The issue arises from CXF not validating ...

9.8CVSS9.5AI score0.0354EPSS
CVE
CVE
added 2014/07/07 2:0 p.m.75 views

CVE-2014-0035

The CVE-2014-0035 issue affects Apache CXF, specifically SymmetricBinding when EncryptBeforeSigning is enabled and UsernameToken policy is EncryptedSupportingToken. The vulnerability causes the UsernameToken to be transmitted in cleartext, enabling an attacker to sniff sensitive information over ...

4.3CVSS8.7AI score0.07053EPSS
CVE
CVE
added 2014/05/08 2:0 p.m.74 views

CVE-2014-0110

The CVE-2014-0110 entry concerns Apache CXF (affected versions: before 2.6.14 and 2.7.x before 2.7.11) where processing a large invalid SOAP message can cause a denial of service by exhausting temporary disk space. The issue is documented across multiple sources (including GHSA and OSV entries) a...

4.3CVSS8.6AI score0.03644EPSS
CVE
CVE
added 2026/05/22 12:17 p.m.61 views

CVE-2026-44417

CVE-2026-44417 is an Apache CXF-related issue that completes the fix for CVE-2025-48913. The vulnerability arises when untrusted users can configure JMS in CXF, potentially enabling code execution. The published advisories indicate an incomplete fix previously, and upgrades are recommended to mit...

7.5CVSS7.5AI score0.0064EPSS
CVE
CVE
added 2012/11/04 10:0 p.m.47 views

CVE-2012-5786

Apache CXF’s wsdl_first_https sample in versions before 2.7.0 fails to verify server hostname against the certificate’s CN/subjectAltName, enabling MITM spoofing with an arbitrary valid certificate. This is tied to the sample’s DN check bypass flag. Publicly documented impact is limited to the sa...

5.8CVSS9.2AI score0.01084EPSS
CVE
CVE
added 2026/06/12 9:5 a.m.47 views

CVE-2026-50634

CVE-2026-50634 affects Apache CXF's JwsJsonContainerRequestFilter. The vulnerability allows CXF to process metadata that was not authenticated by the accepted signature, bypassing the assumption that Content-Type or protected HTTP-header metadata came from a verified signature. This can influence...

6.5CVSS5.3AI score0.00278EPSS
CVE
CVE
added 2026/06/12 8:56 a.m.45 views

CVE-2026-50628

CVE-2026-50628 concerns Apache CXF’s OAuthRequestFilter, where a logic error creates an inverted IP binding check: legitimate requests from the bound IP are rejected while requests from other IPs are allowed. Red Hat’s advisory attributes this to the OAuthRequestFilter component of CXF and notes ...

9.8CVSS5.3AI score0.00629EPSS
CVE
CVE
added 2026/06/12 9:2 a.m.43 views

CVE-2026-50633

The CVE-2026-50633 issue is a JNDI Injection vulnerability in Apache CXF’s JCA integration module (DispatchMDBMessageListenerImpl). The vulnerability allows code execution when an attacker can manipulate the JCA deployment descriptor (ra.xml) or runtime activation parameters. Affected software is...

8.1CVSS5.4AI score0.00782EPSS
CVE
CVE
added 2026/06/12 9:6 a.m.43 views

CVE-2026-50645

CVE-2026-50645 affects Apache CXF during message deserialization, where there is no restriction on the number of attachment headers. This can enable uncontrolled resource consumption and a denial-of-service condition. The issue is mitigated by limiting attachments per message to a default maximum...

7.5CVSS5.3AI score0.0046EPSS
CVE
CVE
added 2026/05/22 12:16 p.m.38 views

CVE-2026-44930

Technical details are not publicly available in the provided documents. Monitor for updates.

9.8CVSS5.9AI score0.0068EPSS
Total number of security vulnerabilities57