Max CVSS 10.0 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-17573 4.3
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into
25-11-2020 - 19:15 16-01-2020 - 18:15
CVE-2017-7662 6.8
Apache CXF Fediz ships with an OpenId Connect (OIDC) service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF (Cross Style Request Forgery) style vulnerability has been
12-11-2020 - 14:15 16-05-2017 - 17:29
CVE-2017-5656 5.0
Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for anoth
12-11-2020 - 14:15 18-04-2017 - 16:59
CVE-2017-7661 6.8
Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF
12-11-2020 - 14:15 16-05-2017 - 17:29
CVE-2018-8038 5.0
Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parame
12-11-2020 - 14:15 05-07-2018 - 13:29
CVE-2017-5653 5.0
JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that the service response was signed or encrypted, which allows remote attackers to spoof servers.
12-11-2020 - 14:15 18-04-2017 - 16:59
CVE-2018-8039 6.8
It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to ma
12-11-2020 - 14:15 02-07-2018 - 13:29
CVE-2019-12406 4.3
Apache CXF before 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. This leaves open the possibility of a denial of service type attack, where a malicious user crafts a message containing a very large nu
12-11-2020 - 14:15 06-11-2019 - 21:15
CVE-2016-8739 7.8
The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 provides a number of Atom JAX-RS MessageBodyReaders. These readers use Apache Abdera Parser which expands XML entities by default which represents a major XXE risk.
12-11-2020 - 14:15 10-08-2017 - 18:29
CVE-2016-6812 4.3
The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the ba
12-11-2020 - 14:15 10-08-2017 - 16:29
CVE-2019-12423 4.3
Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from
12-11-2020 - 14:15 16-01-2020 - 18:15
CVE-2017-3156 5.0
The OAuth2 Hawk and JOSE MAC Validation code in Apache CXF prior to 3.0.13 and 3.1.x prior to 3.1.10 is not using a constant time MAC signature comparison algorithm which may be exploited by sophisticated timing attacks.
12-11-2020 - 14:15 10-08-2017 - 18:29
CVE-2012-5575 6.4
Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers
12-11-2020 - 14:15 19-08-2013 - 23:55
CVE-2019-12419 7.5
Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is
12-11-2020 - 14:15 06-11-2019 - 21:15
CVE-2016-4464 7.5
The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unsp
12-11-2020 - 14:15 21-09-2016 - 18:59
CVE-2015-5175 5.0
Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before 1.2.1 allow remote attackers to cause a denial of service.
12-11-2020 - 14:15 07-06-2017 - 20:29
CVE-2014-3577 5.8
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName fi
12-11-2020 - 14:15 21-08-2014 - 14:55
CVE-2012-5633 5.8
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET requ
12-11-2020 - 14:15 12-03-2013 - 23:55
CVE-2014-3566 4.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
12-11-2020 - 14:15 15-10-2014 - 00:55
CVE-2015-5253 4.0
The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."
12-11-2020 - 14:15 18-11-2015 - 16:59
CVE-2012-3451 4.3
Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
12-11-2020 - 14:15 24-09-2012 - 17:55
CVE-2014-3623 5.0
Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote atta
12-11-2020 - 14:15 30-10-2014 - 14:55
CVE-2014-3584 5.0
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service
12-11-2020 - 14:15 30-10-2014 - 14:55
CVE-2013-2160 5.0
The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via crafted XML with a large number of (1) elements, (2) attribut
12-11-2020 - 14:15 19-08-2013 - 23:55
CVE-2017-12624 4.3
Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS a
12-11-2020 - 14:15 14-11-2017 - 16:29
CVE-2017-12631 6.8
Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) style vulnerability has been found in the Spring 2, Spring 3 and Spring 4 plugins in versions before 1.4
12-11-2020 - 14:15 30-11-2017 - 14:29
CVE-2011-2487 4.3
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.
12-11-2020 - 14:15 11-03-2020 - 16:15
CVE-2012-2379 10.0
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impac
12-11-2020 - 14:15 03-01-2013 - 01:55
CVE-2010-2076 7.5
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows
12-11-2020 - 14:15 19-08-2010 - 18:00
CVE-2012-2378 4.3
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite
12-11-2020 - 14:15 05-01-2013 - 00:55
CVE-2012-0803 7.5
The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request.
12-11-2020 - 14:15 08-08-2017 - 21:29
CVE-2013-0239 5.0
Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken el
12-11-2020 - 14:15 12-03-2013 - 23:55
CVE-2014-0034 4.3
The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to gain access via an invalid SAML token.
12-11-2020 - 14:15 07-07-2014 - 14:55
CVE-2011-1096 5.0
The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote attackers to obtai
12-11-2020 - 14:15 23-11-2012 - 20:55
CVE-2014-0110 4.3
Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message.
12-11-2020 - 14:15 08-05-2014 - 14:29
CVE-2014-0109 4.3
Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (memory consumption) via a large request with the Content-Type set to text/html to a SOAP endpoint, which triggers an error.
12-11-2020 - 14:15 08-05-2014 - 14:29
CVE-2014-0035 4.3
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers
12-11-2020 - 14:15 07-07-2014 - 14:55
Back to Top Mark selected
Back to Top