CVE-2017-12624 - Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications

CVE-2017-12624

Summary

Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack. From Apache CXF 3.2.1 and 3.1.14, message attachment headers that are greater than 300 characters will be rejected by default. This value is configurable via the property "attachment-max-header-size".

References

Vulnerable Configurations

cpe:2.3:a:apache:cxf:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:3.1.13:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 16-06-2021 - 12:15)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

redhat via4

advisories

rhsa
id RHSA-2018:2423
rhsa
id RHSA-2018:2424
rhsa
id RHSA-2018:2425
rhsa
id RHSA-2018:2428

rpms

eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6
eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6
eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6
eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6
eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6
eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6
eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6
eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6
eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6
eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6
eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6
eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6
eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6
eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6
eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6
eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6
eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6
eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6
eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6
eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6
eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6
eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6
eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6
eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6
eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6
eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6
eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6
eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6
eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6
eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6
eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6
eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el7
eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el7
eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el7
eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el7
eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el7
eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el7
eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el7
eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el7
eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el7
eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el7
eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el7
eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el7
eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el7
eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el7
eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el7
eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el7
eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el7
eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el7
eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el7
eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el7
eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el7
eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el7
eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el7
eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el7
eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el7
eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el7
eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7
eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el7
eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el7
eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el7
eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el7

refmap via4

bid	101859
confirm	http://cxf.apache.org/security-advisories.data/CVE-2017-12624.txt.asc
mlist	[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html [cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html [cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html [cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html
sectrack	1040486

Last major update

16-06-2021 - 12:15

Published

14-11-2017 - 16:29

Last modified

16-06-2021 - 12:15