org.apache.cxf:cxf-rt-rs-security-sso-saml@3.0.0 vulnerabilities
-
latest version
4.0.4
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
5 months ago
-
licenses detected
- [2.6.1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.cxf:cxf-rt-rs-security-sso-saml package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.apache.cxf:cxf-rt-rs-security-sso-saml is an open source services framework. Affected versions of this package are vulnerable to Authentication Bypass. It allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack." How to fix Authentication Bypass? Upgrade |
[2.7.0,2.7.18)
[3.0.0,3.0.7)
[3.1.0,3.1.3)
|