Richard Zowalla created TOMEE-4127:
--------------------------------------
Summary: CXF 3.5.5
Key: TOMEE-4127
URL: https://issues.apache.org/jira/browse/TOMEE-4127
Project: TomEE
Issue Type: Dependency upgrade
Components: TomEE Core Server
Affects Versions: 9.0.0.RC1
Reporter: Richard Zowalla
December 13, 2022 - Apache CXF 3.5.5 and 3.4.10 released!
The Apache CXF team is proud to announce the availability of our latest patch
releases! Over 9 JIRA issues were fixed for 3.5.5 and 3.4.10. Two new CVEs
were issued for vulnerabilities fixed in these releases:
CVE-2022-46363: Apache CXF directory listing / code exfiltration
CVE-2022-46364: Apache CXF SSRF Vulnerability
--
This message was sent by Atlassian Jira
(v8.20.10#820010)