Vulnerability details: VCID-b91g-m3nt-1bgq
Vulnerability ID VCID-b91g-m3nt-1bgq
Aliases CVE-2012-2379
GHSA-2g99-c67p-56hm
Summary Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
System Score Found at
epss 0.03752 https://api.first.org/data/v1/epss?cve=CVE-2012-2379
generic_textual HIGH https://cxf.apache.org/cve-2012-2379.html
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-2g99-c67p-56hm
generic_textual HIGH https://github.com/apache/cxf
generic_textual HIGH https://github.com/apache/cxf/commit/440528d928be1e2030e7227b958c9c072847d9b2
generic_textual HIGH https://github.com/apache/cxf/commit/4500bf901cb2a7312291b6663045f28a95d2a0c4
generic_textual HIGH https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2012-2379
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2012-2379
generic_textual HIGH https://svn.apache.org/viewvc?view=revision&revision=1338219
Reference id Reference type URL
http://rhn.redhat.com/errata/RHSA-2012-1559.html
http://rhn.redhat.com/errata/RHSA-2012-1573.html
http://rhn.redhat.com/errata/RHSA-2012-1591.html
http://rhn.redhat.com/errata/RHSA-2012-1592.html
http://rhn.redhat.com/errata/RHSA-2012-1593.html
http://rhn.redhat.com/errata/RHSA-2012-1594.html
http://rhn.redhat.com/errata/RHSA-2013-0191.html
http://rhn.redhat.com/errata/RHSA-2013-0192.html
http://rhn.redhat.com/errata/RHSA-2013-0193.html
http://rhn.redhat.com/errata/RHSA-2013-0194.html
http://rhn.redhat.com/errata/RHSA-2013-0195.html
http://rhn.redhat.com/errata/RHSA-2013-0196.html
http://rhn.redhat.com/errata/RHSA-2013-0197.html
http://rhn.redhat.com/errata/RHSA-2013-0198.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2379.json
https://api.first.org/data/v1/epss?cve=CVE-2012-2379
https://cxf.apache.org/cve-2012-2379.html
http://secunia.com/advisories/51607
http://secunia.com/advisories/51984
https://github.com/apache/cxf
https://github.com/apache/cxf/commit/440528d928be1e2030e7227b958c9c072847d9b2
https://github.com/apache/cxf/commit/4500bf901cb2a7312291b6663045f28a95d2a0c4
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
https://svn.apache.org/viewvc?view=revision&revision=1338219
http://svn.apache.org/viewvc?view=revision&revision=1338219
826534 https://bugzilla.redhat.com/show_bug.cgi?id=826534
cpe:2.3:a:apache:cxf:2.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.4.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.4.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:cxf:2.6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.0:*:*:*:*:*:*:*
CVE-2012-2379 https://nvd.nist.gov/vuln/detail/CVE-2012-2379
CVE-2012-2379.HTML http://cxf.apache.org/cve-2012-2379.html
GHSA-2g99-c67p-56hm https://github.com/advisories/GHSA-2g99-c67p-56hm
RHSA-2012:1559 https://access.redhat.com/errata/RHSA-2012:1559
RHSA-2012:1573 https://access.redhat.com/errata/RHSA-2012:1573
RHSA-2012:1591 https://access.redhat.com/errata/RHSA-2012:1591
RHSA-2012:1592 https://access.redhat.com/errata/RHSA-2012:1592
RHSA-2012:1593 https://access.redhat.com/errata/RHSA-2012:1593
RHSA-2012:1594 https://access.redhat.com/errata/RHSA-2012:1594
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2012-2379
Metrics: Access Vector (AV): network; Access Complexity (AC): low; Authentication (Au): none; Confidentiality Impact (C): complete; Integrity Impact (I): complete; Availability Impact (A): complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.87972
EPSS Score 0.03752
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:38:23.233459+00:00 ProjectKB MSRImporter Import https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv 38.0.0