org.apache.cxf:cxf-bundle vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.apache.cxf:cxf-bundle package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	[3.0.0-milestone2,)
M Denial of Service (DoS)	[2.1.10,2.2)[2.2.6,2.6.14)[2.7.0,2.7.11)
C Authorization Bypass	[2.4.5,2.4.6)[2.5.1,2.5.2)
M Information Exposure	[2.0.6,2.6.13)[2.7.0,2.7.10)
C Improper Verification of Cryptographic Signature	[2.4.0,2.4.8)[2.5.0,2.5.4)[2.6.0,2.6.1)
M Cryptographic Issues	[2.5.0,2.5.7)[2.6.0,2.6.4)[2.7.0,2.7.1)
M Authentication Bypass	[2.4.1,2.5.9)[2.6.0,2.6.6)[2.7.0,2.7.3)
M Denial of Service (DoS)	[2.6.0,2.6.14)[2.7.0,2.7.11)[3.0.0-milestone1,3.0.0-milestone2)
H Insufficient constraints on Document Type Declarations (DTDs)	[2.2.0,2.2.9)[2.1.0,2.1.10)[2.0.0,2.0.13)
M Authentication Bypass	[2.6.0,2.6.2)[2.5.0,2.5.5)[,2.4.9)
M Improper Authentication	[,2.5.8)[2.6.0,2.6.5)[2.7.0,2.7.2)

Vulnerability

Vulnerable Version

[3.0.0-milestone2,)

[2.1.10,2.2)[2.2.6,2.6.14)[2.7.0,2.7.11)

[2.4.5,2.4.6)[2.5.1,2.5.2)

[2.0.6,2.6.13)[2.7.0,2.7.10)

[2.4.0,2.4.8)[2.5.0,2.5.4)[2.6.0,2.6.1)

[2.5.0,2.5.7)[2.6.0,2.6.4)[2.7.0,2.7.1)

[2.4.1,2.5.9)[2.6.0,2.6.6)[2.7.0,2.7.3)

[2.6.0,2.6.14)[2.7.0,2.7.11)[3.0.0-milestone1,3.0.0-milestone2)

[2.2.0,2.2.9)[2.1.0,2.1.10)[2.0.0,2.0.13)

[2.6.0,2.6.2)[2.5.0,2.5.5)[,2.4.9)

[,2.5.8)[2.6.0,2.6.5)[2.7.0,2.7.2)

Package versions

106 VERSIONS IN TOTAL See all versions