GHSA-6pff-fmh2-4mmf: Apache CXF Denial of Service vulnerability in JOSE

Improper input validation of the p2c parameter in the Apache CXF JOSE code in versions before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.


Moderate severity • GitHub Reviewed • Published Jul 19, 2024 to the GitHub Advisory Database • Updated Jul 19, 2024

Related news

Red Hat Security Advisory 2024-7052-03

Red Hat Security Advisory 2024-7052-03 - An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-6883-03

Red Hat Security Advisory 2024-6883-03 - Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available. Issues addressed include denial of service, information leakage, and server-side request forgery vulnerabilities.