
CVSS: 7.5 • EPSS: 13% • CPEs: 11 • EXPL: 0

10 Aug 2017 — The OAuth2 Hawk and JOSE MAC validation code in Apache CXF prior to 3.0.13 and 3.1.x prior to 3.1.10 does not use a constant-time MAC signature comparison algorithm, which may be exploited by sophisticated timing attacks. It was found that Apache CXF ... • http://cxf.apache.org/security-advisories.data/CVE-2017-3156.txt.asc • CWE-385: Covert Timing Channel

CVSS: 9.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

08 Aug 2017 — The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request. • http://marc.info/?l=full-disclosure&m=132861746008002 • CWE-287: Improper Authentication

CVSS: 7.5 • EPSS: 13% • CPEs: 2 • EXPL: 0

07 Jun 2017 — Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before 1.2.1 allow remote attackers to cause a denial of service. • http://www.openwall.com/lists/oss-security/2015/08/26/3 • CWE-20: Improper Input Validation

CVSS: 8.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

16 May 2017 — Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF Fediz prior to 1.4.0, 1.3.2 and 1.2.4. ... • http://cxf.apache.org/security-advisories.data/CVE-2017-7661.txt.asc • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 8.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

16 May 2017 — Apache CXF Fediz ships with an OpenId Connect (OIDC) service which has a Client Registration Service, a simple web application that allows clients to be created, deleted, etc. A CSRF (Cross Style Request Forgery) style vulnerability has been found in this web application in Apache CXF Fediz prior to 1.4.0 and 1.3.2, meaning that a malicious web application could create new clients, or reset secrets, etc., after the admin user has logged on to the client registration service and the session is still ... • http://cxf.apache.org/security-advisories.data/CVE-2017-7662.txt.asc • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 6.5 • EPSS: 3% • CPEs: 2 • EXPL: 0

18 Apr 2017 — JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that the service response was signed or encrypted, which allows remote attackers to spoof servers. It was found that a flaw exists in JAX-RS clients using the streaming approach for XML signatures and encry... • http://cxf.apache.org/security-advisories.data/CVE-2017-5653.txt.asc?version=1&modificationDate=1492515074710&api=v2 • CWE-295: Improper Certificate Validation

CVSS: 7.5 • EPSS: 3% • CPEs: 2 • EXPL: 0

18 Apr 2017 — Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifier corresponding to a cached token for another user. • http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1&modificationDate=1492515113282&api=v2 • CWE-384: Session Fixation

CVSS: 6.1 • EPSS: 6% • CPEs: 10 • EXPL: 0

03 Apr 2017 — The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest. The calculated base URL is used by FormattedServiceListWriter to build the service endpoint absolute URLs. If unexpected matrix parameters have been injected into the request URL, then these matrix parameters will ... • http://cxf.apache.org/security-advisories.data/CVE-2016-6812.txt.asc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.8 • EPSS: 2% • CPEs: 10 • EXPL: 0

03 Apr 2017 — The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 provides a number of Atom JAX-RS MessageBodyReaders. These readers use the Apache Abdera Parser, which expands XML entities by default and therefore represents a major XXE risk. ... • http://cxf.apache.org/security-advisories.data/CVE-2016-8739.txt.asc • CWE-611: Improper Restriction of XML External Entity Reference

CVSS: 9.8 • EPSS: 2% • CPEs: 4 • EXPL: 0

21 Sep 2016 — The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature. • http://cxf.apache.org/security-advisories.data/CVE-2016-4464.txt.asc • CWE-284: Improper Access Control