VulnerableCode Package Details - pkg:maven/org.apache.cxf/cxf-rt-security@2.7.13

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.apache.cxf/cxf-rt-security@2.7.13

purl	pkg:maven/org.apache.cxf/cxf-rt-security@2.7.13

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-wmr9-j6fm-pbap	Improper security semantics enforcement of SAML SubjectConfirmation methods This package when using `TransportBinding`, does not properly enforce the SAML `SubjectConfirmation` method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors.	CVE-2014-3623 GHSA-99v3-9x35-c5vf

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:31:58.570775+00:00	GitLab Importer	Fixing	VCID-wmr9-j6fm-pbap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-security/CVE-2014-3623.yml	38.4.0
2026-04-11T21:42:21.731458+00:00	GitLab Importer	Fixing	VCID-wmr9-j6fm-pbap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-security/CVE-2014-3623.yml	38.3.0
2026-04-02T21:56:30.973953+00:00	GitLab Importer	Fixing	VCID-wmr9-j6fm-pbap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-security/CVE-2014-3623.yml	38.1.0
2026-04-01T12:46:54.612535+00:00	GitLab Importer	Fixing	VCID-wmr9-j6fm-pbap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-security/CVE-2014-3623.yml	38.0.0