pkg:Maven/org.apache.cxf:cxf

All known vulnerabilities

• CRITICAL9.8CVE-2012-0803Improper Authentication in Apache CXF
  >= 2.4.0, < 2.4.6
• CRITICAL9.8CVE-2019-12419Potential session hijack in Apache CXF
  from 0, < 3.2.11
• HIGH7.5CVE-2021-30468Infinite loop in Apache CFX
  >= 3.4.0, < 3.4.4
• HIGH7.5Authorization service vulnerable to DDos attacks in Apache CFX
  >= 3.4.0, < 3.4.3
• HIGH7.5Private key leak in Apache CXF
  from 0, < 3.2.12
• MEDIUM6.5Potential DOS attack due to unrestricted attachment count in messages
  from 0, < 3.2.11
• MEDIUM6.1Cross-site scripting in Apache CXF
  from 0, < 3.3.8
• MEDIUM6.1Reflected Cross-Site Scripting in Apache CXF
  from 0, < 3.2.12
• —XML Signature/Encryption Not Validated in Apache CXF
  >= 2.4.0, < 2.4.8
• —Improper Authentication in Apache CXF
  >= 2.4.5, < 2.4.8
• —Improper Authentication in Apache CXF
  from 0, < 2.5.8
• —Remote web-service operation execution in Apache CXF
  from 0, < 2.4.9