Apache Cxf Vulnerabilities
Apache Apache Cxf vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Apache CXF: No restriction on attachment headers per message
CVE-2026-50645ApacheApache CxfApache CXF: WS JSON request filter trusts metadata from an unvalidated first signature entry
CVE-2026-50634ApacheApache CxfApache CXF: JNDI Injection vulnerability in DispatchMDBMessageListenerImpl
CVE-2026-50633ApacheApache CxfApache CXF: JNDI Injection Vulnerability in JMSConfigFactory
CVE-2026-50632ApacheApache CxfApache CXF: OAuth2: TOCTOU Race Condition in Refresh Token Processing
CVE-2026-50631ApacheApache CxfApache CXF: OAuth2: HTTP Response Splitting via WWW-Authenticate Realm Injection
CVE-2026-50630ApacheApache CxfApache CXF: OAuth2: Log Injection via Unsanitized Client Identifier
CVE-2026-50629ApacheApache CxfApache CXF: OAuth2: Inverted IP Binding Check Defeats Security Control
CVE-2026-50628ApacheApache CxfApache CXF: OAuth2: Missing JWT Audience and Issuer Validation in Access Token Validator
CVE-2026-50627ApacheApache CxfApache CXF: XML External Entity (XXE) Injection in W3CMultiSchemaFactory and EndpointReferenceUtils
CVE-2026-49875ApacheApache CxfApache CXF: Authentication Bypass in OAuth2 TokenIntrospectionService
CVE-2026-50623ApacheApache CxfRemote Code Execution Vulnerability in Apache CXF by Apache
CVE-2026-44417ApacheApache Cxf7.5HIGHInsecure XML Parser Configuration in Apache CXF's WS-Transfer Module
CVE-2026-44618ApacheApache Cxf5.3MEDIUMLDAP Injection Vulnerability in Apache CXF's XKMS Server
CVE-2026-44930ApacheApache Cxf4.3MEDIUMRMI and LDAP URL Configuration Vulnerability in Apache CXF
CVE-2025-48913ApacheApache Cxf9.8CRITICALDenial of Service Vulnerability in Apache CXF Products
CVE-2025-48795ApacheApache Cxf5.6MEDIUMDenial of Service Vulnerability in Apache CXF Software
CVE-2025-23184ApacheApache Cxf5.9MEDIUMApache CXF Memory Leak Vulnerability
CVE-2024-41172ApacheApache Cxf7.5HIGHApache CXF JOSE Vulnerability: Denial of Service Attack via Improper Input Validation
CVE-2024-32007ApacheApache Cxf7.5HIGHCXF SSRF Vulnerability Affects REST Webservices
CVE-2024-29736ApacheApache Cxfπ°9.1CRITICALSSRF Vulnerability in Apache CXF Could Allow Attacker to Perform SSRF Style Attacks
CVE-2024-28752ApacheApache CxfπΎπ‘EPSS 50%9.3CRITICALApache CXF SSRF Vulnerability
CVE-2022-46364ApacheApache CxfπΎπ‘9.8CRITICALApache CXF directory listing / code exfiltration
CVE-2022-46363ApacheApache Cxf7.5HIGHApache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter
CVE-2021-30468ApacheApache Cxf7.5HIGHOAuth 2 authorization service vulnerable to DDos attacks
CVE-2021-22696ApacheApache Cxf7.5HIGH