pkg:Maven/org.apache.cxf:cxf-core

12 total CVEsCRITICAL1HIGH4MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2022-46364Apache CXF Server-Side Request Forgery vulnerability
    from 0, < 3.4.10
  • HIGH7.5CVE-2025-23184Apache CXF: Denial of Service vulnerability with temporary files
    from 0, < 3.5.10
  • HIGH7.5CVE-2022-46363Apache CXF vulnerable to Exposure of Sensitive Information
    from 0, < 3.4.10
  • HIGH7.5CVE-2016-8739Improper Restriction of XML External Entity Reference in Apache CXF JAX-RS
    from 0, < 3.0.12
  • HIGH7.5CVE-2017-5656Session Fixation in Apache CXF
    >= 3.1.0, < 3.1.11
  • MEDIUM6.1CVE-2016-6812Improper Neutralization of Input During Web Page Generation in Apache CXF
    from 0, < 3.0.12
  • MEDIUM5.6CVE-2025-48795Apache CXF is vulnerable to DoS attacks as entire files are read into memory and logged
    from 0, < 3.5.11
  • MEDIUM5.5CVE-2017-12624Improper Input Validation in Apache CXF
    >= 3.2.0, < 3.2.1
  • MEDIUM5.3CVE-2017-5653Improper Certificate Validation in Apache CXF
    >= 3.1.0, < 3.1.11
  • CVE-2014-0035Cleartext Transmission of Sensitive Information in Apache CXF
    from 0, < 2.6.13
  • CVE-2014-0110Uncontrolled Resource Consumption in Apache CXF
    from 0, < 2.6.14
  • CVE-2014-0109Uncontrolled Resource Consumption in Apache CXF
    from 0, < 2.6.14