Author: buildbot
Date: Thu Aug 7 15:43:03 2025
New Revision: 1090853
Log: Production update by buildbot for cxf
Added: websites/production/cxf/content/security-advisories.data/CVE-2025-48913.txt Modified: websites/production/cxf/content/cache/main.pageCache websites/production/cxf/content/security-advisories.html Modified: websites/production/cxf/content/cache/main.pageCache ============================================================================== Binary file (source and/or target). No diff available. Added: websites/production/cxf/content/security-advisories.data/CVE-2025-48913.txt ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ websites/production/cxf/content/security-advisories.data/CVE-2025-48913.txt Thu Aug 7 15:43:03 2025 (r1090853) @@ -0,0 +1,25 @@ +CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCE + +Severity: moderate + +Affected versions: + +- Apache CXF 4.1.0 before 4.1.3 +- Apache CXF 4.0.0 before 4.0.9 +- Apache CXF before 3.6.8 + +Description: + +If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility. + +Users are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue. + +Credit: + +M Bhatt (r34p3r) OWASP GenAI Security Project & Blake Gatto (b1oo) Shrewd Research (finder) + +References: + +https://cxf.apache.org/ +https://www.cve.org/CVERecord?id=CVE-2025-48913 + Modified: websites/production/cxf/content/security-advisories.html ============================================================================== --- websites/production/cxf/content/security-advisories.html Thu Aug 7 15:34:19 2025 (r1090852) +++ websites/production/cxf/content/security-advisories.html Thu Aug 7 15:43:03 2025 (r1090853) 
@@ -98,7 +98,7 @@ Apache CXF -- Security Advisories <td height="100%"> <!-- Content --> <div class="wiki-content"> -<div id="ConfluenceContent"><p><span style="color: rgb(36,41,47);">For information on how to report a new security problem please see<span> </span></span><a shape="rect" class="external-link" href="https://www.apache.org/security/" style="text-decoration: none;">here</a><span style="color: rgb(36,41,47);">.<span> </span></span></p><h3 id="SecurityAdvisories-2025">2025</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2025-23184.txt?version=2&modificationDate=1737381863000&api=v2" data-linked-resource-id="340036025" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2025-23184.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2025-23184</a>: Apache CXF: Denial of Service vulnerability with temporary files </li><li><a shape="rect" href="security-advisories.data/CVE-2025 -48795.txt?version=1&modificationDate=1752578416000&api=v2" data-linked-resource-id="373886120" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2025-48795.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2025-48795</a>: Apache CXF: Denial of Service and sensitive data exposure in logs </li></ul><h3 id="SecurityAdvisories-2024">2024</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2024-28752.txt?version=2&modificationDate=1710431346000&api=v2" data-linked-resource-id="296290905" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-28752.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">C VE-2024-28752</a>: Apache CXF SSRF Vulnerability using the Aegis databinding </li><li><a shape="rect" href="security-advisories.data/CVE-2024-29736.txt?version=1&modificationDate=1721314668000&api=v2" data-linked-resource-id="315493016" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-29736.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2024-29736</a>: SSRF vulnerability via WADL stylesheet parameter</li><li><a shape="rect" href="security-advisories.data/CVE-2024-32007.txt?version=1&modificationDate=1721314761000&api=v2" data-linked-resource-id="315493017" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-32007.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resour ce-container-id="27837502" data-linked-resource-container-version="52">CVE-2024-32007</a>: Apache CXF Denial of Service vulnerability in JOSE</li><li><a shape="rect" href="security-advisories.data/CVE-2024-41172.txt?version=1&modificationDate=1721314821000&api=v2" data-linked-resource-id="315493018" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-41172.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2024-41172</a>: Unrestricted memory consumption in CXF HTTP clients</li></ul><h3 id="SecurityAdvisories-2022">2022</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2022-46363.txt?version=1&modificationDate=1670942001000&api=v2" data-linked-resource-id="235836918" data-linked-resource-version="1" 
data-linked-resource-type="attachment" data-linked-resource-default-alias= "CVE-2022-46363.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2022-46363</a>: Apache CXF directory listing / code exfiltration</li><li><a shape="rect" href="security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944473000&api=v2" data-linked-resource-id="235836926" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2022-46364.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2022-46364</a>: Apache CXF SSRF Vulnerability</li></ul><h3 id="SecurityAdvisories-2021">2021</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2021-30468.txt.asc?version=1&modificationDate=1623835370000&api=v2" data-linked-resource-id="181310680" data-linked-re source-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2021-30468.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2021-30468</a>: Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter</li><li><a shape="rect" href="security-advisories.data/CVE-2021-22696.txt.asc?version=1&modificationDate=1617355743000&api=v2" data-linked-resource-id="177049091" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2021-22696.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2021-22696</a>: OAuth 2 authorization service vulnerable to DDos attacks</li></ul><h3 
id="SecurityAdvisories-2020">2020</h3><ul><li><a sh ape="rect" href="security-advisories.data/CVE-2020-13954.txt.asc?version=1&modificationDate=1605183671000&api=v2" data-linked-resource-id="165225095" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2020-13954.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2020-13954</a>: Apache CXF Reflected XSS in the services listing page via the styleSheetPath</li><li><a shape="rect" href="security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2" data-linked-resource-id="148645097" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2020-1954.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-contai ner-version="52">CVE-2020-1954</a>: Apache CXF JMX Integration is vulnerable to a MITM attack</li></ul><h3 id="SecurityAdvisories-2019">2019</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2019-17573.txt.asc?version=2&modificationDate=1584610519000&api=v2" data-linked-resource-id="145722246" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2019-17573.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2019-17573</a>: Apache CXF Reflected XSS in the services listing page</li><li><a shape="rect" href="security-advisories.data/CVE-2019-12423.txt.asc?version=1&modificationDate=1579178393000&api=v2" data-linked-resource-id="145722244" data-linked-resource-version="1" data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2019-12423.txt.asc" data-nice -type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2019-12423</a>: Apache CXF OpenId Connect JWK Keys service returns private/secret credentials if configured with a jwk keystore</li><li><a shape="rect" href="security-advisories.data/CVE-2019-12419.txt.asc?version=2&modificationDate=1572961201000&api=v2" data-linked-resource-id="135859612" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2019-12419.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2019-12419</a>: Apache CXF OpenId Connect token service does not properly validate the clientId</li><li><a shape="rect" href="security-advisories.data/CVE-2019-12406.txt.asc?version=1&modificationDate=1572957147000&api=v2" data-linke d-resource-id="135859607" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2019-12406.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2019-12406</a>: Apache CXF does not restrict the number of message attachments</li></ul><h3 id="SecurityAdvisories-2018">2018</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2" data-linked-resource-id="87296645" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2018-8039.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2018-8039</a>: Apache CXF TLS 
hostname verification does not work correctly with com.sun.net.ssl.</li><li><a shape="rect" href="security-advisories.data/CVE-2018-8038.txt.asc?version=1&modificationDate=1530712328000&api=v2" data-linked-resource-id="87297524" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2018-8038.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2018-8038</a>: Apache CXF Fediz is vulnerable to DTD based XML attacks</li></ul><h3 id="SecurityAdvisories-2017">2017</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2017-12631.txt.asc?version=1&modificationDate=1512037276000&api=v2" data-linked-resource-id="74688816" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-12631.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-link ed-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2017-12631</a>: CSRF vulnerabilities in the Apache CXF Fediz Spring plugins.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-12624.txt.asc?version=1&modificationDate=1510661632000&api=v2" data-linked-resource-id="74687100" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-12624.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2017-12624</a>: Apache CXF web services that process attachments are vulnerable to Denial of Service (DoS) attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-7662.txt.asc?version=1&modificationDate=1494949377000&api=v2" data-linked-resource-id="70255583" data-linked-resource-version="1" data-linked-resource-type="attachment" 
data-linke d-resource-default-alias="CVE-2017-7662.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2017-7662</a>: The Apache CXF Fediz OIDC Client Registration Service is vulnerable to CSRF attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-7661.txt.asc?version=1&modificationDate=1494949364000&api=v2" data-linked-resource-id="70255582" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-7661.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2017-7661</a>: The Apache CXF Fediz Jetty and Spring plugins are vulnerable to CSRF attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-5656.txt.asc?version=1&modificationDate=1492515113000 &api=v2" data-linked-resource-id="69406543" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-5656.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2017-5656</a>: Apache CXF's STSClient uses a flawed way of caching tokens that are associated with delegation tokens.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-5653.txt.asc?version=1&modificationDate=1492515074000&api=v2" data-linked-resource-id="69406542" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-5653.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2017-5653</a>: Apache CXF JAX-RS XML Security streaming clients do not validate 
that the service response was signed or encrypted.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-3156.txt.asc?version=1&modificationDate=1487590374000&api=v2" data-linked-resource-id="68715428" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-3156.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2017-3156</a>: Apache CXF OAuth2 Hawk and JOSE MAC Validation code is vulnerable to the timing attacks</li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2016-8739.txt.asc?version=1&modificationDate=1482164360000&api=v2" data-linked-resource-id="67635454" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-8739.txt.asc" data-nice-t ype="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2016-8739</a>: Atom entity provider of Apache CXF JAX-RS is vulnerable to XXE</li><li><a shape="rect" href="security-advisories.data/CVE-2016-6812.txt.asc?version=1&modificationDate=1482164360000&api=v2" data-linked-resource-id="67635455" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-6812.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2016-6812</a>: XSS risk in Apache CXF FormattedServiceListWriter when a request URL contains matrix parameters</li><li><a shape="rect" href="security-advisories.data/CVE-2016-4464.txt.asc?version=1&modificationDate=1473350153000&api=v2" data-linked-resource-id="65869472" data-linked-reso urce-version="1" 
data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-4464.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2016-4464</a>: Apache CXF Fediz application plugins do not match the SAML AudienceRestriction values against the list of configured audience URIs</li></ul><h3 id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2015-5253.txt.asc?version=1&modificationDate=1447433340000&api=v2" data-linked-resource-id="61328642" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2015-5253.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2015-5253</a>: Apache CXF SAML SSO processing is vu lnerable to a wrapping attack</li><li><a shape="rect" href="security-advisories.data/CVE-2015-5175.txt.asc?version=1&modificationDate=1440598018000&api=v2" data-linked-resource-id="61316328" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2015-5175.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2015-5175</a>: Apache CXF Fediz application plugins are vulnerable to Denial of Service (DoS) attacks</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2014-3577.txt.asc?version=1&modificationDate=1419245371000&api=v2" data-linked-resource-id="51183657" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3577.txt.asc" data-nice-type="Text File" data-linked-resource -content-type="text/plain" 
data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2014-3577</a>: Apache CXF SSL hostname verification bypass</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3566.txt.asc?version=1&modificationDate=1418740474000&api=v2" data-linked-resource-id="50561078" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3566.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">Note on CVE-2014-3566</a>: SSL 3.0 support in Apache CXF, aka the "POODLE" attack.</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3623.txt.asc?version=1&modificationDate=1414169368000&api=v2" data-linked-resource-id="47743195" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-al ias="CVE-2014-3623.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2014-3623</a>: Apache CXF does not properly enforce the security semantics of SAML SubjectConfirmation methods when used with the TransportBinding</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3584.txt.asc?version=1&modificationDate=1414169326000&api=v2" data-linked-resource-id="47743194" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3584.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2014-3584</a>: Apache CXF JAX-RS SAML handling is vulnerable to a Denial of Service (DoS) attack</li><li><a shape="rect" href="security-advisories.data/CVE-2014-0109.txt.asc?version=1& modificationDate=1398873370000&api=v2" 
data-linked-resource-id="40895138" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0109.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2014-0109</a>: HTML content posted to SOAP endpoint could cause OOM errors</li><li><a shape="rect" href="security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378000&api=v2" data-linked-resource-id="40895139" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0110.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2014-0110</a>: Large invalid content could cause temporary space to fill</li><l i><a shape="rect" href="security-advisories.data/CVE-2014-0034.txt.asc?version=1&modificationDate=1398873385000&api=v2" data-linked-resource-id="40895140" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0034.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2014-0034</a>: The SecurityTokenService accepts certain invalid SAML Tokens as valid</li><li><a shape="rect" href="security-advisories.data/CVE-2014-0035.txt.asc?version=1&modificationDate=1398873391000&api=v2" data-linked-resource-id="40895141" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0035.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-v ersion="52">CVE-2014-0035</a>: UsernameTokens are sent in plaintext 
with a Symmetric EncryptBeforeSigning policy</li></ul><h3 id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2013-2160.txt.asc?version=1&modificationDate=1372324301000&api=v2" data-linked-resource-id="33095710" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2013-2160.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="52">CVE-2013-2160</a> - Denial of Service Attacks on Apache CXF</li><li><a shape="rect" href="cve-2012-5575.html">Note on CVE-2012-5575</a> - XML Encryption backwards compatibility attack on Apache CXF.</li><li><a shape="rect" href="cve-2013-0239.html">CVE-2013-0239</a> - Authentication bypass in the case of WS-SecurityPolicy enabled plaintext UsernameTokens.</li></ul><h3 id="SecurityAdvisories-2012">2012</h3><ul><li><a shape="rect" href="cve-2012-5633.html">CVE-2012-5633</a> - WSS4JInInterceptor always allows HTTP Get requests from browser.</li><li><a shape="rect" href="note-on-cve-2011-2487.html">Note on CVE-2011-2487</a> - Bleichenbacher attack against distributed symmetric key in WS-Security.</li><li><a shape="rect" href="cve-2012-3451.html">CVE-2012-3451</a> - Apache CXF is vulnerable to SOAP Action spoofing attacks on Document Literal web services.</li><li><a shape="rect" href="cve-2012-2379.html">CVE-2012-2379</a> - Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token.</li><li><a shape="rect" href="cve-2012-2378.html">CVE-2012-2378</a> - Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html">Note on CVE-2011-1096</a> - XML Encryption flaw / Character pattern encoding at tack.</li><li><a shape="rect" href="cve-2012-0803.html">CVE-2012-0803</a> - 
Apache CXF does not validate UsernameToken policies correctly.</li></ul><h3 id="SecurityAdvisories-2010">2010</h3><ul><li><a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf">CVE-2010-2076</a> - DTD based XML attacks.</li></ul><p><br clear="none"></p></div> +<div id="ConfluenceContent"><p><span style="color: rgb(36,41,47);">For information on how to report a new security problem please see<span> </span></span><a shape="rect" class="external-link" href="https://www.apache.org/security/" style="text-decoration: none;">here</a><span style="color: rgb(36,41,47);">.<span> </span></span></p><h3 id="SecurityAdvisories-2025">2025</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2025-23184.txt?version=2&modificationDate=1737381863000&api=v2" data-linked-resource-id="340036025" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2025-23184.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2025-23184</a>: Apache CXF: Denial of Service vulnerability with temporary files </li><li><a shape="rect" href="security-advisories.data/CVE-2025 -48795.txt?version=1&modificationDate=1752578416000&api=v2" data-linked-resource-id="373886120" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2025-48795.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2025-48795</a>: Apache CXF: Denial of Service and sensitive data exposure in logs </li><li><a shape="rect" href="security-advisories.data/CVE-2025-48913.txt?version=1&modificationDate=1754576095225&api=v2" data-linked-resource-id="373887565" data-linked-resource-version="1" data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2025-48913.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2025-48913</a>: Apache CXF: Untrusted JMS config uration can lead to RCE </li></ul><h3 id="SecurityAdvisories-2024">2024</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2024-28752.txt?version=2&modificationDate=1710431346000&api=v2" data-linked-resource-id="296290905" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-28752.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2024-28752</a>: Apache CXF SSRF Vulnerability using the Aegis databinding </li><li><a shape="rect" href="security-advisories.data/CVE-2024-29736.txt?version=1&modificationDate=1721314668000&api=v2" data-linked-resource-id="315493016" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-29736.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data- linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2024-29736</a>: SSRF vulnerability via WADL stylesheet parameter</li><li><a shape="rect" href="security-advisories.data/CVE-2024-32007.txt?version=1&modificationDate=1721314761000&api=v2" data-linked-resource-id="315493017" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-32007.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2024-32007</a>: Apache CXF Denial of Service vulnerability in JOSE</li><li><a shape="rect" 
href="security-advisories.data/CVE-2024-41172.txt?version=1&modificationDate=1721314821000&api=v2" data-linked-resource-id="315493018" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2024-41172.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2024-41172</a>: Unrestricted memory consumption in CXF HTTP clients</li></ul><h3 id="SecurityAdvisories-2022">2022</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2022-46363.txt?version=1&modificationDate=1670942001000&api=v2" data-linked-resource-id="235836918" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2022-46363.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2022-46363</a>: Apache CXF directory listing / code exfiltration</li><li><a shape="rect" href="security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944473000&api=v2" data-linked-resource-id="235836926" data-linked-resource-version="1" data -linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2022-46364.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2022-46364</a>: Apache CXF SSRF Vulnerability</li></ul><h3 id="SecurityAdvisories-2021">2021</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2021-30468.txt.asc?version=1&modificationDate=1623835370000&api=v2" data-linked-resource-id="181310680" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2021-30468.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2021-30468</a>: Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter</li><li><a shape="rect" href="security-advisories.data/CVE-2021-226 96.txt.asc?version=1&modificationDate=1617355743000&api=v2" data-linked-resource-id="177049091" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2021-22696.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2021-22696</a>: OAuth 2 authorization service vulnerable to DDos attacks</li></ul><h3 id="SecurityAdvisories-2020">2020</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2020-13954.txt.asc?version=1&modificationDate=1605183671000&api=v2" data-linked-resource-id="165225095" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2020-13954.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE- 2020-13954</a>: Apache CXF Reflected XSS in the services listing page via the styleSheetPath</li><li><a shape="rect" href="security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2" data-linked-resource-id="148645097" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2020-1954.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2020-1954</a>: Apache CXF JMX Integration is vulnerable to a MITM attack</li></ul><h3 id="SecurityAdvisories-2019">2019</h3><ul><li><a shape="rect" 
href="security-advisories.data/CVE-2019-17573.txt.asc?version=2&modificationDate=1584610519000&api=v2" data-linked-resource-id="145722246" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2019-17573.txt.asc" data-nice -type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2019-17573</a>: Apache CXF Reflected XSS in the services listing page</li><li><a shape="rect" href="security-advisories.data/CVE-2019-12423.txt.asc?version=1&modificationDate=1579178393000&api=v2" data-linked-resource-id="145722244" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2019-12423.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2019-12423</a>: Apache CXF OpenId Connect JWK Keys service returns private/secret credentials if configured with a jwk keystore</li><li><a shape="rect" href="security-advisories.data/CVE-2019-12419.txt.asc?version=2&modificationDate=1572961201000&api=v2" data-linked-resource-id="135859612" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2019-12419.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2019-12419</a>: Apache CXF OpenId Connect token service does not properly validate the clientId</li><li><a shape="rect" href="security-advisories.data/CVE-2019-12406.txt.asc?version=1&modificationDate=1572957147000&api=v2" data-linked-resource-id="135859607" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2019-12406.txt.asc" data-nice-type="Text File" 
data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2019-12406</a>: Apache CXF does not restrict the number of message attachments</li></ul><h3 id="SecurityAdvisories-2018">2018</h3><u l><li><a shape="rect" href="security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2" data-linked-resource-id="87296645" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2018-8039.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2018-8039</a>: Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.</li><li><a shape="rect" href="security-advisories.data/CVE-2018-8038.txt.asc?version=1&modificationDate=1530712328000&api=v2" data-linked-resource-id="87297524" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2018-8038.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-res ource-container-version="53">CVE-2018-8038</a>: Apache CXF Fediz is vulnerable to DTD based XML attacks</li></ul><h3 id="SecurityAdvisories-2017">2017</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2017-12631.txt.asc?version=1&modificationDate=1512037276000&api=v2" data-linked-resource-id="74688816" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-12631.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2017-12631</a>: CSRF vulnerabilities in the Apache CXF Fediz Spring plugins.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2017-12624.txt.asc?version=1&modificationDate=1510661632000&api=v2" data-linked-resource-id="74687100" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-12624.txt .asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2017-12624</a>: Apache CXF web services that process attachments are vulnerable to Denial of Service (DoS) attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-7662.txt.asc?version=1&modificationDate=1494949377000&api=v2" data-linked-resource-id="70255583" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-7662.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2017-7662</a>: The Apache CXF Fediz OIDC Client Registration Service is vulnerable to CSRF attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-7661.txt.asc?version=1&modificationDate=1494949364000&api=v2" data-li nked-resource-id="70255582" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-7661.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2017-7661</a>: The Apache CXF Fediz Jetty and Spring plugins are vulnerable to CSRF attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-5656.txt.asc?version=1&modificationDate=1492515113000&api=v2" data-linked-resource-id="69406543" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-5656.txt.asc" data-nice-type="Text File" 
data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2017-5656</a>: Apache CXF's STSClient uses a flawed way of caching tokens that are associated with delegation t okens.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-5653.txt.asc?version=1&modificationDate=1492515074000&api=v2" data-linked-resource-id="69406542" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-5653.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2017-5653</a>: Apache CXF JAX-RS XML Security streaming clients do not validate that the service response was signed or encrypted.</li><li><a shape="rect" href="security-advisories.data/CVE-2017-3156.txt.asc?version=1&modificationDate=1487590374000&api=v2" data-linked-resource-id="68715428" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2017-3156.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resour ce-container-id="27837502" data-linked-resource-container-version="53">CVE-2017-3156</a>: Apache CXF OAuth2 Hawk and JOSE MAC Validation code is vulnerable to the timing attacks</li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2016-8739.txt.asc?version=1&modificationDate=1482164360000&api=v2" data-linked-resource-id="67635454" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-8739.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2016-8739</a>: Atom entity provider of Apache CXF JAX-RS is vulnerable to 
XXE</li><li><a shape="rect" href="security-advisories.data/CVE-2016-6812.txt.asc?version=1&modificationDate=1482164360000&api=v2" data-linked-resource-id="67635455" data-linked-resource-version="1" data-linked-resource- type="attachment" data-linked-resource-default-alias="CVE-2016-6812.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2016-6812</a>: XSS risk in Apache CXF FormattedServiceListWriter when a request URL contains matrix parameters</li><li><a shape="rect" href="security-advisories.data/CVE-2016-4464.txt.asc?version=1&modificationDate=1473350153000&api=v2" data-linked-resource-id="65869472" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-4464.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2016-4464</a>: Apache CXF Fediz application plugins do not match the SAML AudienceRestriction values against the list of configured audience URIs</li></ul><h3 id="SecurityAdvi sories-2015">2015</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2015-5253.txt.asc?version=1&modificationDate=1447433340000&api=v2" data-linked-resource-id="61328642" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2015-5253.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2015-5253</a>: Apache CXF SAML SSO processing is vulnerable to a wrapping attack</li><li><a shape="rect" href="security-advisories.data/CVE-2015-5175.txt.asc?version=1&modificationDate=1440598018000&api=v2" data-linked-resource-id="61316328" data-linked-resource-version="1" 
data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2015-5175.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-lin ked-resource-container-version="53">CVE-2015-5175</a>: Apache CXF Fediz application plugins are vulnerable to Denial of Service (DoS) attacks</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2014-3577.txt.asc?version=1&modificationDate=1419245371000&api=v2" data-linked-resource-id="51183657" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3577.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2014-3577</a>: Apache CXF SSL hostname verification bypass</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3566.txt.asc?version=1&modificationDate=1418740474000&api=v2" data-linked-resource-id="50561078" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="C VE-2014-3566.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">Note on CVE-2014-3566</a>: SSL 3.0 support in Apache CXF, aka the "POODLE" attack.</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3623.txt.asc?version=1&modificationDate=1414169368000&api=v2" data-linked-resource-id="47743195" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3623.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2014-3623</a>: Apache CXF does not properly enforce the security 
semantics of SAML SubjectConfirmation methods when used with the TransportBinding</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3584.txt.asc?version=1&modificationDate=1414169 326000&api=v2" data-linked-resource-id="47743194" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3584.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2014-3584</a>: Apache CXF JAX-RS SAML handling is vulnerable to a Denial of Service (DoS) attack</li><li><a shape="rect" href="security-advisories.data/CVE-2014-0109.txt.asc?version=1&modificationDate=1398873370000&api=v2" data-linked-resource-id="40895138" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0109.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2014-0109</a>: HTML content posted to SOAP endpoint could cause OOM errors</li><l i><a shape="rect" href="security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378000&api=v2" data-linked-resource-id="40895139" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0110.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2014-0110</a>: Large invalid content could cause temporary space to fill</li><li><a shape="rect" href="security-advisories.data/CVE-2014-0034.txt.asc?version=1&modificationDate=1398873385000&api=v2" data-linked-resource-id="40895140" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0034.txt.asc" 
data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53"> CVE-2014-0034</a>: The SecurityTokenService accepts certain invalid SAML Tokens as valid</li><li><a shape="rect" href="security-advisories.data/CVE-2014-0035.txt.asc?version=1&modificationDate=1398873391000&api=v2" data-linked-resource-id="40895141" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-0035.txt.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2014-0035</a>: UsernameTokens are sent in plaintext with a Symmetric EncryptBeforeSigning policy</li></ul><h3 id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2013-2160.txt.asc?version=1&modificationDate=1372324301000&api=v2" data-linked-resource-id="33095710" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2013-2160.tx t.asc" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="27837502" data-linked-resource-container-version="53">CVE-2013-2160</a> - Denial of Service Attacks on Apache CXF</li><li><a shape="rect" href="cve-2012-5575.html">Note on CVE-2012-5575</a> - XML Encryption backwards compatibility attack on Apache CXF.</li><li><a shape="rect" href="cve-2013-0239.html">CVE-2013-0239</a> - Authentication bypass in the case of WS-SecurityPolicy enabled plaintext UsernameTokens.</li></ul><h3 id="SecurityAdvisories-2012">2012</h3><ul><li><a shape="rect" href="cve-2012-5633.html">CVE-2012-5633</a> - WSS4JInInterceptor always allows HTTP Get requests from browser.</li><li><a shape="rect" href="note-on-cve-2011-2487.html">Note on CVE-2011-2487</a> - Bleichenbacher attack against distributed symmetric 
key in WS-Security.</li><li><a shape="rect" href="cve-2012-3451.html">CVE-2012-3451</a> - Apache CXF is vulnerable to SOAP Action spoofing attack s on Document Literal web services.</li><li><a shape="rect" href="cve-2012-2379.html">CVE-2012-2379</a> - Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token.</li><li><a shape="rect" href="cve-2012-2378.html">CVE-2012-2378</a> - Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html">Note on CVE-2011-1096</a> - XML Encryption flaw / Character pattern encoding attack.</li><li><a shape="rect" href="cve-2012-0803.html">CVE-2012-0803</a> - Apache CXF does not validate UsernameToken policies correctly.</li></ul><h3 id="SecurityAdvisories-2010">2010</h3><ul><li><a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf">CVE-2010-2076</a> - DTD based XML attacks.</li></ul><p><br clear="none"></p></div> </div> <!-- Content --> </td>
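Review bot: the regenerated content div still links the CVE-2010-2076 advisory over plain HTTP (`href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf"` in the 2010 list); since this hunk replaces the whole `ConfluenceContent` block, it is the right moment to switch that reference to `https://` so the PDF is fetched over an authenticated channel like every other advisory link on the page. Two smaller consistency points in the same block: the CVE-2021-22696 title reads "vulnerable to DDos attacks" (should be "DDoS"), and advisories from 2021 and earlier are published as signed `.txt.asc` attachments (e.g. `CVE-2021-30468.txt.asc`) while the 2022 and 2024 entries (`CVE-2022-46363.txt`, `CVE-2024-41172.txt`) are unsigned `.txt`; if the signed form is still the intended convention, the newer advisories should follow it, otherwise a short note on the page explaining the change would help readers who verify signatures.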
