CVSS: 9.0EPSS: 10%CPEs: 28EXPL: 0CVE-2020-13936 – Velocity Sandbox Bypass
https://notcve.org/view.php?id=CVE-2020-13936
10 Mar 2021 — An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2. Un atacante que es capaz de modificar las plantillas de Velocity puede ejecutar código Java arbitrario o ejecutar comandos de sistema arbitrarios con los mismos privilegios que la... • http://www.openwall.com/lists/oss-security/2021/03/10/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 4%CPEs: 5EXPL: 0CVE-2015-0226 – wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487)
https://notcve.org/view.php?id=CVE-2015-0226
01 Apr 2015 — Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487. Apache WSS4J versiones anteriores a 1.6.17 y versiones 2.0.x anteriores a 2.0.2, filtra información inapropiadamente sobre fallos de descifrado cuando ... • http://rhn.redhat.com/errata/RHSA-2015-0846.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.3EPSS: 13%CPEs: 4EXPL: 0CVE-2015-0227 – wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements property
https://notcve.org/view.php?id=CVE-2015-0227
12 Feb 2015 — Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks." Apache WSS4J anterior a 1.6.17 y 2.x anterior a 2.0.2 permite a atacantes remotos evadir la configuración requireSignedEncryptedDataElements a través de vectores relacionados con ataques envolventes (wrapping attacks). It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property ... • http://rhn.redhat.com/errata/RHSA-2015-0773.html • CWE-264: Permissions, Privileges, and Access Controls CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 5.3EPSS: 1%CPEs: 4EXPL: 0CVE-2014-3623 – CXF: Improper security semantics enforcement of SAML SubjectConfirmation methods
https://notcve.org/view.php?id=CVE-2014-3623
30 Oct 2014 — Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors. Apache WSS4J anterior a versión 1.6.17 y versiones 2.x anteriores a 2.0.2, tal y como es usado en Apache CXF versiones 2.7.x anteriores a 2.7.13 y versiones 3.0.x anteriores a 3.0.2, cuando se usa Transp... • http://rhn.redhat.com/errata/RHSA-2015-0236.html • CWE-287: Improper Authentication CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2011-2487 – jbossws: Prone to Bleichenbacher attack against to be distributed symmetric key
https://notcve.org/view.php?id=CVE-2011-2487
18 Jun 2013 — The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. Las implementaciones del mecanismo de transporte de claves PKCS#1 versión v1.5 para XMLEncryption en JBossWS y Apache WSS4J versiones anteriores a 1.6.5, son susceptibles a un ataque de tipo Bleichenbacher A flaw was found in JBoss web services where the services used a weak symmetric encryption protocol, PKCS#1 v1.5. An attacker could use this weak... • http://cxf.apache.org/note-on-cve-2011-2487.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •