📦 CXF

by Apache

⚠️ Known Vulnerabilities

CVE-2025-48913

CRITICAL CVSS 9.8 Aug 8, 2025

This vulnerability in Apache CXF allows untrusted users who can configure JMS endpoints to use RMI or LDAP URLs, potentially leading to remote code execution. Systems where untrusted users have JMS co...

CVE-2024-29736

CRITICAL CVSS 9.1 Jul 19, 2024

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Apache CXF's WADL service description. It allows attackers to make unauthorized requests from the vulnerable server to internal...

CVE-2024-28752

CRITICAL CVSS 9.3 Mar 15, 2024

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Apache CXF's Aegis DataBinding component. It allows attackers to make unauthorized HTTP requests from the vulnerable server to ...

CVE-2024-41172

HIGH CVSS 7.5 Jul 19, 2024

This memory leak vulnerability in Apache CXF HTTP client conduit prevents proper garbage collection of HTTPClient instances, causing continuous memory consumption increase. Affected systems running Ap...

CVE-2021-30468

HIGH CVSS 7.5 Jun 16, 2021

A denial-of-service vulnerability in Apache CXF's JsonMapObjectReaderWriter allows attackers to send specially crafted JSON payloads to web services, causing infinite loops that consume 100% CPU on af...