30 matches found

CVE, added 2022/12/13 4:20 p.m., 450 views

CVE-2022-46364

CVE-2022-46364 describes an SSRF in Apache CXF when parsing the href attribute of XOP:Include in MTOM requests, affecting CXF versions before 3.5.5 and 3.4.10. The vulnerability enables SSRF-style attacks on webservices with at least one parameter. Remediation is to upgrade to CXF 3.5.5+ or 3.4.1...

CVSS 9.8, AI score 9.4, EPSS 0.0193
Web
CVE, added 2024/03/15 10:27 a.m., 388 views

CVE-2024-28752

CVE-2024-28752 is an SSRF vulnerability in Apache CXF’s Aegis DataBinding. Affected CXF versions are those before 4.0.4, 3.6.3, and 3.5.8; the issue enables SSRF-style attacks on web services that take at least one parameter. Other data bindings (including default) are not impacted. Remediation: u...

CVSS 9.3, AI score 8.2, EPSS 0.05849
CVE, added 2025/01/21 9:35 a.m., 365 views

CVE-2025-23184

CVE-2025-23184 describes a potential denial-of-service in Apache CXF where CachedOutputStream instances may not be closed in edge cases, risking file-system exhaustion if backed by temporary files on servers or clients. Affected CXF versions are before 3.5.10, 3.6.5, and 4.0.6. The NVD/Apache-mod...

CVSS 7.5, AI score 5.6, EPSS 0.01941
CVE, added 2022/12/13 2:46 p.m., 346 views

CVE-2022-46363

CVE-2022-46363 involves Apache CXF. The vulnerability arises when CXFServlet is configured with both static-resources-list and redirect-query-check attributes, enabling remote directory listing or code exfiltration. Affected CXF versions are pre-3.5.5 and pre-3.4.10. The IBM security bulletin cor...

CVSS 7.5, AI score 8.4, EPSS 0.01193
Web
CVE, added 2021/06/16 12:00 p.m., 257 views

CVE-2021-30468

CVE-2021-30468 is a denial-of-service issue in Apache CXF caused by an infinite loop in the JsonMapObjectReaderWriter. Connected IBM advisories confirm the vulnerability affects CXF usage in IBM products (e.g., Tivoli Network Manager IP Edition and IBM Security Guardium) and list the affected CXF...

CVSS 7.5, AI score 7.4, EPSS 0.07024
CVE, added 2021/04/02 10:05 a.m., 253 views

CVE-2021-22696

CVE-2021-22696 affects Apache CXF where improper validation of the request_uri parameter in OAuth 2 flows allows a remote attacker to cause a denial of service on the authorization server. The issue occurs when a JWT-based request uses a request_uri to fetch the token, with insufficient validatio...

CVSS 7.5, AI score 7.4, EPSS 0.06593
CVE, added 2019/11/06 8:07 p.m., 222 views

CVE-2019-12406

CVE-2019-12406 describes a denial-of-service in Apache CXF where a message can include an excessive number of attachments. The fixed releases (CXF 3.3.4 and 3.2.11) enforce a default attachment limit of 50, configurable via the attachment-max-count property. IBM/materials reference CXF and note a...

CVSS 6.5, AI score 6.3, EPSS 0.06257
CVE, added 2020/01/16 5:42 p.m., 184 views

CVE-2019-12423

CVE-2019-12423 affects Apache CXF OpenId Connect JWK Keys service. When rs.security.keystore.type is set to “jwk”, the service may return all keys from the JWK file, potentially exposing private/secret key credentials if present, though newer CXF releases restrict to the key with the matching ali...

CVSS 7.5, AI score 7.2, EPSS 0.0606
CVE, added 2025/08/08 9:21 a.m., 180 views

CVE-2025-48913

CVE-2025-48913 affects Apache CXF where untrusted users configuring JMS could exploit RMI/LDAP URLs to achieve code execution. The issue arises from CXF JMS configuration allowing unsafe protocols; the interface now rejects those protocols to remove the possibility of remote code execution. Publi...

CVSS 9.8, AI score 6.9, EPSS 0.00739
CVE, added 2018/07/02 1:00 p.m., 179 views

CVE-2018-8039

CVE-2018-8039: Apache CXF could allow a remote attacker to conduct a man-in-the-middle attack due to TLS hostname verification not working when using com.sun.net.ssl. In CXF versions prior to 3.2.5 and 3.1.16 the exception is not properly propagated, leaving clients vulnerable. IBM/Oracle/Red Hat...

CVSS 8.1, AI score 6.4, EPSS 0.10394
CVE, added 2020/11/12 12:45 p.m., 168 views

CVE-2020-13954

CVE-2020-13954 is an Apache CXF cross-site scripting (XSS) vulnerability exposed via the /services listing page. The issue arises from improper validation of user-supplied input through styleSheetPath, enabling an attacker to inject script when the URL is visited. Public documentation in the init...

CVSS 6.1, AI score 6.4, EPSS 0.42993
CVE, added 2020/04/01 8:07 p.m., 154 views

CVE-2020-1954

CVE-2020-1954 affects Apache CXF JMX integration; a MITM is possible if the createMBServerConnectorFactory setting on the InstrumentationManagerImpl is not disabled, allowing an on-host attacker to rebind the JMX registry and proxy traffic to access exchanged data. The issue is documented across ...

CVSS 5.3, AI score 5.3, EPSS 0.06147
CVE, added 2024/07/19 8:50 a.m., 153 views

CVE-2024-29736

CVE-2024-29736: Apache CXF WADL stylesheet SSRF. The issue arises from improper validation of the WADL stylesheet parameter, enabling SSRF against REST services when a custom stylesheet parameter is configured. Affected CXF versions are before 4.0.5, 3.6.4, and 3.5.9. Mitigation: upgrade CXF to 4...

CVSS 9.1, AI score 6.5, EPSS 0.01029
CVE, added 2012/09/24 5:00 p.m., 112 views

CVE-2012-3451

CVE-2012-3451 affects Apache CXF. Vulnerable versions: CXF 2.4.x before 2.4.9; 2.5.x before 2.5.5; 2.6.x before 2.6.2. An attacker can cause remote web-service operations to be executed by sending a SOAP Action header that is inconsistent with the message body. The impact is “remote execution of ...

CVSS 4.3, AI score 9.2, EPSS 0.08882
CVE, added 2024/07/19 8:50 a.m., 107 views

CVE-2024-32007

CVE-2024-32007 affects Apache CXF: improper input validation of the p2c parameter in JOSE code can allow a denial-of-service via a token with a large p2c. Affected branches include CXF 4.0.x (before 4.0.5) and older 3.6.x/3.5.x lines (3.6.4, 3.5.9). Mitigation is to upgrade to a fixed release (i....

CVSS 7.5, AI score 6.7, EPSS 0.01269
CVE, added 2015/11/18 4:00 p.m., 96 views

CVE-2015-5253

CVE-2015-5253 affects Apache CXF SAML Web SSO module: remote authenticated bypass via a crafted SAML response with a valid signed assertion, related to a wrapping attack. Affected versions include CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3. The vulnerability can bypass authenti...

CVSS 4, AI score 8, EPSS 0.05696
CVE, added 2026/06/12 8:54 a.m., 82 views

CVE-2026-49875

Apache CXF is affected by an XML External Entity (XXE) issue described as CVE-2026-49875. The vulnerability arises because EndpointReferenceUtils and W3CMultiSchemaFactory construct a SAXParserFactory without proper JAXP hardening, enabling out-of-band (OOB) external entity resolution. Affected c...

CVSS 9.8, AI score 5.3, EPSS 0.00485
CVE, added 2026/05/22 12:17 p.m., 52 views

CVE-2026-44417

CVE-2026-44417 is an Apache CXF-related issue that completes the fix for CVE-2025-48913. The vulnerability arises when untrusted users can configure JMS in CXF, potentially enabling code execution. The published advisories indicate an incomplete fix previously, and upgrades are recommended to mit...

CVSS 7.5, AI score 7.5, EPSS 0.0064
CVE, added 2026/06/12 9:05 a.m., 42 views

CVE-2026-50634

CVE-2026-50634 affects Apache CXF's JwsJsonContainerRequestFilter. The vulnerability allows CXF to process metadata that was not authenticated by the accepted signature, bypassing the assumption that Content-Type or protected HTTP-header metadata came from a verified signature. This can influence...

CVSS 6.5, AI score 5.3, EPSS 0.00278
CVE, added 2026/06/12 9:02 a.m., 38 views

CVE-2026-50633

The CVE-2026-50633 issue is a JNDI Injection vulnerability in Apache CXF’s JCA integration module (DispatchMDBMessageListenerImpl). The vulnerability allows code execution when an attacker can manipulate the JCA deployment descriptor (ra.xml) or runtime activation parameters. Affected software is...

CVSS 8.1, AI score 5.4, EPSS 0.00782
CVE, added 2026/06/12 8:56 a.m., 37 views

CVE-2026-50628

CVE-2026-50628 concerns Apache CXF’s OAuthRequestFilter, where a logic error creates an inverted IP binding check: legitimate requests from the bound IP are rejected while requests from other IPs are allowed. Red Hat’s advisory attributes this to the OAuthRequestFilter component of CXF and notes ...

CVSS 9.8, AI score 5.3, EPSS 0.00629
CVE, added 2026/05/22 12:16 p.m., 35 views

CVE-2026-44930

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 9.8, AI score 5.9, EPSS 0.0068
CVE, added 2026/06/12 9:06 a.m., 32 views

CVE-2026-50645

CVE-2026-50645 affects Apache CXF during message deserialization, where there is no restriction on the number of attachment headers. This can enable uncontrolled resource consumption and a denial-of-service condition. The issue is mitigated by limiting attachments per message to a default maximum...

CVSS 7.5, AI score 5.3, EPSS 0.0046
CVE, added 2026/06/12 8:59 a.m., 29 views

CVE-2026-50631

CVE-2026-50631: A TOCTOU race condition in Apache CXF's AbstractOAuthDataProvider allows concurrent requests to reuse the same Refresh Token when recycleRefreshTokens is false, bypassing single-use semantics and generating multiple valid Access Tokens. This can enable token replay/abuse by multi...

CVSS 7.4, AI score 5.3, EPSS 0.00294
CVE, added 2026/06/12 9:00 a.m., 26 views

CVE-2026-50632

CVE-2026-50632: Apache CXF exposes a JNDI Injection vulnerability in the JMSConfigFactory. The issue arises when untrusted users configure JMS, potentially allowing code execution. Affected versions are addressed by upgrades to 4.2.2 or 4.1.7. The NVD/CVEs and related feeds document this as a co...

CVSS 8.8, AI score 5.8, EPSS 0.00646
CVE, added 2026/05/22 12:17 p.m., 25 views

CVE-2026-44618

Technical details for CVE-2026-44618 are not publicly available in the provided documents. The records mention an XXE vulnerability in Apache CXF WS-Transfer and upgrade versions, but no further specifics are provided. Monitor for updates.

CVSS 5.3, AI score 5.7, EPSS 0.00338
CVE, added 2026/06/12 8:55 a.m., 22 views

CVE-2026-50627

The CVE-2026-50627 issue affects Apache CXF’s JwtAccessTokenValidator, which fails to validate the aud (Audience) claim in incoming JWT access tokens. As described in multiple sources (NVD/Red Hat/CVE List/etc.), a token issued for one Resource Server could be replayed against a different Resourc...

CVSS 9.1, AI score 5.2, EPSS 0.00418
CVE, added 2026/06/12 8:58 a.m., 22 views

CVE-2026-50630

The CVE-2026-50630 issue affects Apache CXF’s OAuth2 implementation, where the AuthorizationUtils class concatenates the realm parameter into the WWW-Authenticate header without sanitizing CR/LF characters. This can enable header injection or HTTP response splitting if an attacker controls the re...

CVSS 6.5, AI score 5.5, EPSS 0.00404
CVE, added 2026/06/12 8:57 a.m., 21 views

CVE-2026-50629

The CVE-2026-50629 issue affects Apache CXF’s OAuth2 server where the 'clientId' from HTTP requests is concatenated into log warning messages without sanitizing control characters. This creates log injection risk by allowing arbitrary content in logs. Root cause: unsanitized control characters in...

CVSS 5.3, AI score 5.4, EPSS 0.0047
CVE, added 2026/06/12 8:52 a.m., 19 views

CVE-2026-50623

CVE-2026-50623 affects Apache CXF’s OAuth2 TokenIntrospectionService. A missing 'throw' in the security context check permits access to the introspection endpoint (/services/oauth2/introspect) by any unauthenticated network attacker. This bypass is tied to a safeguard condition when authenticatio...

CVSS 4.8, AI score 5.4, EPSS 0.00371