Where
-Infinity
0

Trending

Last week
Last month
Last year

Apache CXFIf untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDA…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2387221

Apache CXFApache CXF: Untrusted JMS configuration can lead to RCE

Risk 93
Severity
9.8
First published (updated )
CVE-2025-48913

Apache CXFA potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2339095

Apache CXFApache CXF: Denial of Service vulnerability with temporary files

Risk 32
Severity
7.5
EPSS
0.09%
First published (updated )
CVE-2025-23184

CVE-2025-23184: Apache CXF: Denial of Service vulnerability with temporary files

First published (updated )
https://seclists.org/oss-sec/2025/q1/33
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache CXFIn versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF …

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2298829

Apache CXFInput Validation

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-2298828

Apache CXFSSRF

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2298827

maven/org.apache.cxf:cxf-rt-transports-httpApache CXF: Unrestricted memory consumption in CXF HTTP clients

Risk 47
Severity
7.5
First published (updated )
CVE-2024-41172

maven/org.apache.cxf:cxf-rt-rs-security-joseApache CXF Denial of Service vulnerability in JOSE

Risk 47
Severity
7.5
First published (updated )
CVE-2024-32007
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache CXFApache CXF: SSRF vulnerability via WADL stylesheet parameter

Risk 71
Severity
9.1
First published (updated )
CVE-2024-29736

CVE-2024-41172: Unstricted memory consumption in CXF HTTP clients

First published (updated )
https://seclists.org/oss-sec/2024/q3/92

CVE-2024-32007: Apache CXF Denial of Service vulnerability in JOSE

First published (updated )
https://seclists.org/oss-sec/2024/q3/91

CVE-2024-29736: Apache CXF: SSRF vulnerability via WADL stylesheet parameter

First published (updated )
https://seclists.org/oss-sec/2024/q3/90

maven/org.apache.cxf:cxf-coreApache CXF SSRF Vulnerability using the Aegis databinding

Risk 49
Severity
9.3
EPSS
0.04%
First published (updated )
CVE-2024-28752
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Red Hat Migration Toolkit for Applications1 vulnerability

Risk 23
First published (updated )
Advisory
RHSA-2023:2041

Apache CXF SSRF Vulnerability

Risk 90
Severity
9.8
First published (updated )
CVE-2022-46364

redhat/rh-sso7-keycloakApache CXF directory listing / code exfiltration

Risk 45
Severity
7.5
First published (updated )
CVE-2022-46363

Oracle Retail Financial IntegrationBypass of the secureValidation property

Risk 45
Severity
7.5
First published (updated )
CVE-2021-40690

IBM Security GuardiumApache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter

Risk 45
Severity
7.5
First published (updated )
CVE-2021-30468

IBM Security GuardiumOAuth 2 authorization service vulnerable to DDos attacks

Risk 45
Severity
7.5
First published (updated )
CVE-2021-22696
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM Security GuardiumApache CXF Reflected XSS in the services listing page via the styleSheetPath

Risk 39
Severity
6.1
First published (updated )
CVE-2020-13954

Apache CXFApache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension …

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1824301

IBM Security GuardiumInfoleak

Risk 37
Severity
5.9
First published (updated )
CVE-2020-1954

redhat/eap7-apache-cxfXSS

Risk 39
Severity
6.1
First published (updated )
CVE-2019-17573

IBM Security GuardiumApache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when ship…

Risk 45
Severity
7.5
First published (updated )
CVE-2019-12423
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM Security GuardiumApache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of mes…

Risk 39
Severity
6.5
First published (updated )
CVE-2019-12406

redhat/cxfA flaw was found in cxf in versions prior to 3.2.11 and 3.3.4. The access token services do not prop…

Risk 88
Severity
9.8
First published (updated )
CVE-2019-12419

IBM Security GuardiumApache CXF could allow a remote attacker to conduct a man-in-the-middle attack. The TLS hostname ver…

Risk 78
Severity
8.1
First published (updated )
CVE-2018-8039

IBM Security GuardiumInput Validation

Risk 33
Severity
5.5
First published (updated )
CVE-2017-12624

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203