Richard Zowalla created TOMEE-4127:
--------------------------------------

             Summary: CXF 3.5.5
                 Key: TOMEE-4127
                 URL: https://issues.apache.org/jira/browse/TOMEE-4127
             Project: TomEE
          Issue Type: Dependency upgrade
          Components: TomEE Core Server
    Affects Versions: 9.0.0.RC1
            Reporter: Richard Zowalla


December 13, 2022 - Apache CXF 3.5.5 and 3.4.10 released!
The Apache CXF team is proud to announce the availability of our latest patch 
releases!  Over 9 JIRA issues were fixed for 3.5.5 and 3.4.10. Two new CVEs 
were issued for vulnerabilities fixed in these releases:

CVE-2022-46363: Apache CXF directory listing / code exfiltration
CVE-2022-46364: Apache CXF SSRF Vulnerability




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to