Homepage

eap7-apache-cxf-services vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the eap7-apache-cxf-services package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

<0:3.4.10-2.redhat_00001.1.el7eap
  • H
Server-Side Request Forgery (SSRF)

<0:3.5.8-1.redhat_00001.1.el7eap
  • H
Server-Side Request Forgery (SSRF)

<0:3.5.8-1.redhat_00001.1.el7eap
  • H
Cross-site Scripting (XSS)

<0:3.5.8-1.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:3.4.10-2.redhat_00001.1.el7eap
  • H
Truncation of Security-relevant Information

<0:3.4.10-2.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:3.4.10-2.redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:3.4.10-2.redhat_00001.1.el7eap
  • H
Cross-site Scripting (XSS)

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Improperly Implemented Security Check for Standard

<0:3.2.7-1.redhat_00001.1.el7eap
  • H
Race Condition

<0:3.2.7-1.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Allocation of Resources Without Limits or Throttling

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Improper Access Control

<0:3.2.12-1.redhat_00001.1.el7eap
  • H
Incorrect Authorization

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Privilege Context Switching Error

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Cross-site Scripting (XSS)

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Insufficiently Protected Credentials

<0:3.3.5-1.redhat_00001.1.el7eap
  • M
Cross-site Scripting (XSS)

<0:3.2.7-2.redhat_00002.1.el7eap
  • M
Cross-site Scripting (XSS)

<0:3.2.7-2.redhat_00002.1.el7eap
  • M
Information Exposure

<0:3.3.12-1.redhat_00001.1.el7eap
  • M
Information Exposure

<0:3.3.7-1.redhat_00001.1.el7eap
  • M
Improper Authentication

<0:3.3.7-1.redhat_00001.1.el7eap
  • M
Files or Directories Accessible to External Parties

<0:3.3.12-1.redhat_00001.1.el7eap
  • H
Directory Traversal

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Directory Traversal

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Directory Traversal

<0:3.1.13-1.redhat_1.1.ep7.el7
  • H
Insufficient Verification of Data Authenticity

<0:3.1.13-1.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Information Exposure

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Out-of-Bounds

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Access Restriction Bypass

<0:3.1.12-1.redhat_1.1.ep7.el7
  • M
Resource Exhaustion

<0:3.3.12-1.redhat_00001.1.el7eap
  • H
Improper Authorization

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Cross-site Scripting (XSS)

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
XML External Entity (XXE) Injection

<0:3.3.5-1.redhat_00001.1.el7eap
  • M
Information Exposure

<0:3.1.16-2.redhat_2.1.ep7.el7
  • M
Information Exposure Through Log Files

<0:3.2.7-2.redhat_00002.1.el7eap
  • H
Uncaught Exception

<0:3.1.16-1.redhat_1.1.ep7.el7
  • H
Directory Traversal

<0:3.1.16-1.redhat_1.1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:3.1.13-1.redhat_1.1.ep7.el7
  • H
Improper Authentication

<0:3.1.13-1.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Out-of-bounds Read

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.1.13-1.redhat_1.1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Information Exposure Through Log Files

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:3.1.12-1.redhat_1.1.ep7.el7
  • M
Cross-site Scripting (XSS)

<0:3.1.16-2.redhat_2.1.ep7.el7
  • H
Improper Input Validation

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Improper Input Validation

<0:3.1.13-1.redhat_1.1.ep7.el7
  • H
Improper Access Control

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Information Exposure

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Directory Traversal

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Authentication Bypass

<0:3.2.10-1.redhat_00001.1.el7eap
  • H
Improper Access Control

<0:3.2.10-1.redhat_00001.1.el7eap
  • M
Information Exposure

<0:3.3.12-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.1.13-1.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:3.3.5-1.redhat_00001.1.el7eap
  • M
Information Exposure

<0:3.2.5-3.redhat_00001.1.el7eap
  • H
Server-Side Request Forgery (SSRF)

<0:3.4.10-1.redhat_00001.1.el7eap
  • M
Improper Input Validation

<0:3.3.7-1.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:3.3.5-1.redhat_00001.1.el7eap
  • M
Resource Exhaustion

<0:3.3.7-1.redhat_00001.1.el7eap
  • H
Incomplete Blacklist

<0:3.1.13-1.redhat_1.1.ep7.el7
  • M
Improper Input Validation

<0:3.1.10-2.redhat_1.1.ep7.el7
  • H
HTTP Response Splitting

<0:3.1.12-1.redhat_1.1.ep7.el7
  • H
Cross-site Request Forgery (CSRF)

<0:3.2.7-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.7-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.7-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.7-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.7-1.redhat_00001.1.el7eap
  • M
Resource Exhaustion

<0:3.3.12-1.redhat_00001.1.el7eap
  • H
CVE-2015-0254

<0:3.1.6-1.redhat_1.1.ep7.el7
  • H
Improper Input Validation

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:3.2.10-1.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:3.2.10-1.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:3.2.10-1.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:3.2.10-1.redhat_00001.1.el7eap
  • M
Arbitrary Argument Injection

<0:3.1.16-2.redhat_2.1.ep7.el7
  • M
Information Exposure

<0:3.3.12-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.3.5-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.11-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:3.2.11-1.redhat_00001.1.el7eap