CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23184 – Apache CXF: Denial of Service vulnerability with temporary files
https://notcve.org/view.php?id=CVE-2025-23184
21 Jan 2025 — A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system (it applies to servers and clients). A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill ... • https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2024-41172 – Apache CXF: Unrestricted memory consumption in CXF HTTP clients
https://notcve.org/view.php?id=CVE-2024-41172
19 Jul 2024 — In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory En las versiones de Apache CXF anteriores a 3.6.4 y 4.0.5 (las versiones 3.5.x y inferiores no se ven afectadas), un conducto de cliente HTTP de CXF puede impedir que las instancias de HTTPClient se recop... • https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2024-32007 – Apache CXF Denial of Service vulnerability in JOSE
https://notcve.org/view.php?id=CVE-2024-32007
19 Jul 2024 — An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token. Una validación de entrada incorrecta del parámetro p2c en el código Apache CXF JOSE anterior a 4.0.5, 3.6.4 y 3.5.9 permite a un atacante realizar un ataque de denegación de servicio especificando un valor grande para este parámetro en un token. An improper input validation vulnerability... • https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-29736 – Apache CXF: SSRF vulnerability via WADL stylesheet parameter
https://notcve.org/view.php?id=CVE-2024-29736
19 Jul 2024 — A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured. Una vulnerabilidad SSRF en la descripción del servicio WADL en versiones de Apache CXF anteriores a 4.0.5, 3.6.4 y 3.5.9 permite a un atacante realizar ataques de estilo SSRF en servicios web REST. El ataque sólo se aplica si se configura un parámetro de hoja de es... • https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-28752 – Apache CXF SSRF Vulnerability using the Aegis databinding
https://notcve.org/view.php?id=CVE-2024-28752
15 Mar 2024 — A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted. Una vulnerabilidad SSRF que utiliza Aegis DataBinding en versiones de Apache CXF anteriores a 4.0.4, 3.6.3 y 3.5.8 permite a un atacante realizar ataques de estilo SSRF en servicios web que toman al menos un paráme... • http://www.openwall.com/lists/oss-security/2024/03/14/3 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46364 – Apache CXF SSRF Vulnerability
https://notcve.org/view.php?id=CVE-2022-46364
13 Dec 2022 — A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Una vulnerabilidad SSRF al analizar el atributo href de XOP: Incluir en solicitudes MTOM en versiones de Apache CXF anteriores a 3.5.5 y 3.4.10 permite a un atacante realizar ataques de estilo SSRF en servicios web que toman al menos un parámetro de cualquier tipo. A S... • https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46363 – Apache CXF directory listing / code exfiltration
https://notcve.org/view.php?id=CVE-2022-46363
13 Dec 2022 — A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured. Una vulnerabilidad en Apache CXF anterior a las versiones 3.5.5 y 3.4.10 permite a un atacante reali... • https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2021-40690 – Bypass of the secureValidation property
https://notcve.org/view.php?id=CVE-2021-40690
19 Sep 2021 — All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. Todas las versiones de Apache Santuario - XML Security for Java anteriores a 2.2.3 y 2.1.7 son vulnerables a un problema donde la propiedad "secureValidation" no es pasad... • https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa%40%3Ccommits.tomee.apache.org%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-30468 – Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter
https://notcve.org/view.php?id=CVE-2021-30468
16 Jun 2021 — A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11. Una vulnerabilidad en la función JsonMapObjectReaderWriter de Apache CXF permite a un atacante enviar un JSON malformado hacia un servicio web, lo que hace que el subproceso se quede atascado en un bucle ... • http://cxf.apache.org/security-advisories.data/CVE-2021-30468.txt.asc • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2021-22696 – OAuth 2 authorization service vulnerable to DDos attacks
https://notcve.org/view.php?id=CVE-2021-22696
02 Apr 2021 — CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via a JWT token as opposed to query parameters (see: The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR)). Instead of sending a JWT token as a "request" parameter, the spec also supports specifying a URI from which to retrieve a JWT token from via the "request_uri" parameter. CXF was not validating the "request_uri" parameter (apart from ensuring it uses "https) and was making a REST request to the parameter in the... • http://www.openwall.com/lists/oss-security/2021/04/02/2 • CWE-400: Uncontrolled Resource Consumption CWE-918: Server-Side Request Forgery (SSRF) •