Search for packages
Package details: pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.8
purl pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.8
Next non-vulnerable version 3.3.10
Latest non-vulnerable version 3.4.3
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-gtfj-ry3n-aaae
Aliases:
CVE-2020-13954
GHSA-64x2-gq24-75pv
Cross-site scripting in Apache CXF
3.3.8
Affected by 1 other vulnerability.
3.4.1
Affected by 1 other vulnerability.
VCID-zggp-qr1y-aaaf
Aliases:
CVE-2021-22696
GHSA-7q4h-pj78-j7vg
Authorization service vulnerable to DDos attacks in Apache CFX
3.3.10
Affected by 0 other vulnerabilities.
3.4.3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-vq6d-cmr8-aaah Denial of Service (DoS) via invalid JAX-RS SAML tokens The `SamlHeaderInHandler` in this package allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service. CVE-2014-3584
GHSA-gw5j-77f9-v2g2

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:40:46.204086+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.1.3
2025-06-20T15:40:24.490368+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.1.3
2025-06-20T15:00:47.444620+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.1.3
2025-06-20T15:00:46.828605+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.1.3
2025-06-20T14:53:18.084838+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.1.3
2025-06-20T14:53:13.545071+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.1.3
2025-06-03T22:21:02.935052+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.1.0
2025-06-03T22:20:41.651261+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.1.0
2025-06-03T21:44:02.595027+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.1.0
2025-06-03T21:44:02.076708+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.1.0
2025-06-03T21:36:57.026693+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.1.0
2025-06-03T21:36:52.229681+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.1.0
2025-06-02T22:09:53.534383+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.1.2
2025-06-02T22:09:29.897087+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.1.2
2025-06-02T21:27:39.207879+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.1.2
2025-06-02T21:27:38.554735+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.1.2
2025-06-02T21:19:31.697014+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.1.2
2025-06-02T21:19:26.481596+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.1.2
2025-04-03T19:38:07.746426+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.0.0
2025-04-03T19:37:32.010244+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.0.0
2025-04-03T18:17:19.026614+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.0.0
2025-04-03T18:17:17.417605+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.0.0
2025-04-03T18:02:37.627691+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.0.0
2025-04-03T18:02:24.954276+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.0.0
2025-02-18T06:28:04.930199+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 35.1.0
2025-02-18T06:28:04.374613+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 35.1.0
2025-02-18T00:02:52.440080+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 35.1.0
2025-02-18T00:02:45.011981+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 35.1.0
2025-02-17T23:33:19.720206+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 35.1.0
2025-02-17T23:33:12.724381+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 35.1.0
2025-01-17T02:29:29.705544+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 35.1.0
2024-11-21T02:31:58.190427+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 35.0.0
2024-11-20T22:59:08.118064+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 35.0.0
2024-11-20T22:37:47.494200+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 35.0.0
2024-11-19T02:15:18.556889+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.3.2
2024-11-18T22:45:46.180918+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.3.2
2024-11-18T22:29:02.523335+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.3.2
2024-10-15T18:09:16.531186+00:00 GithubOSV Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gw5j-77f9-v2g2/GHSA-gw5j-77f9-v2g2.json 34.0.2
2024-10-08T02:49:23.771020+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.2
2024-10-07T23:45:59.783286+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.2
2024-10-07T23:29:43.918429+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.2
2024-10-07T16:54:28.161989+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.2
2024-09-23T00:00:15.891255+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.1
2024-09-22T23:43:46.284158+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.1
2024-09-18T09:11:58.338420+00:00 GithubOSV Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gw5j-77f9-v2g2/GHSA-gw5j-77f9-v2g2.json 34.0.1
2024-09-17T22:37:35.970102+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.1
2024-09-17T22:01:35.545385+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.1
2024-04-24T05:21:25.225051+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.0rc4
2024-04-24T05:21:24.650514+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc4
2024-04-24T02:02:58.238359+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 34.0.0rc4
2024-04-24T02:02:52.949444+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.0rc4
2024-04-24T01:45:01.100513+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 34.0.0rc4
2024-04-24T01:44:56.192712+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.0rc4
2024-04-23T23:07:19.985062+00:00 GithubOSV Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gw5j-77f9-v2g2/GHSA-gw5j-77f9-v2g2.json 34.0.0rc4
2024-04-23T18:03:19.988604+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.0rc4
2024-04-23T18:03:18.087186+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc4
2024-01-10T07:53:08.009952+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.0rc2
2024-01-10T07:53:07.438664+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc2
2024-01-10T04:35:43.146597+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 34.0.0rc2
2024-01-10T04:35:37.931495+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.0rc2
2024-01-10T04:16:06.184126+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 34.0.0rc2
2024-01-10T04:16:01.269298+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.0rc2
2024-01-09T19:59:05.388060+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.0rc2
2024-01-09T19:59:03.386615+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc2
2024-01-04T00:38:15.623457+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc1
2024-01-03T21:22:31.716409+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 34.0.0rc1
2024-01-03T21:22:26.340525+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.0rc1
2024-01-03T21:00:12.097947+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 34.0.0rc1
2024-01-03T21:00:07.088633+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.0rc1
2024-01-03T18:00:30.052684+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.0rc1
2024-01-03T17:36:26.025275+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.0rc1
2024-01-03T15:27:16.461968+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc1