vulnrichment Apache VULNRICHMENT:CVE-2024-32007
History: Jul 19, 2024 - 8:50 a.m.

CVE-2024-32007 Apache CXF Denial of Service vulnerability in JOSE

2024-07-19 08:50:31
CWE-20
CWE-400

SSVC

Exploitation: none
Automatable: yes
Technical Impact: partial

An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*"
    ],
    "vendor": "apache",
    "product": "cxf",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.0.5",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.6.4",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.5.9",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unknown"
  }
]
