Search for packages
| purl | pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@3.0.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-wmr9-j6fm-pbap | Improper security semantics enforcement of SAML SubjectConfirmation methods This package when using `TransportBinding`, does not properly enforce the SAML `SubjectConfirmation` method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors. |
CVE-2014-3623
GHSA-99v3-9x35-c5vf |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T21:48:20.438302+00:00 | GitLab Importer | Fixing | VCID-wmr9-j6fm-pbap | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.wss4j/wss4j-ws-security-dom/CVE-2014-3623.yml | 38.4.0 |
| 2026-04-11T23:04:13.796240+00:00 | GitLab Importer | Fixing | VCID-wmr9-j6fm-pbap | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.wss4j/wss4j-ws-security-dom/CVE-2014-3623.yml | 38.3.0 |
| 2026-04-02T23:12:35.170969+00:00 | GitLab Importer | Fixing | VCID-wmr9-j6fm-pbap | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.wss4j/wss4j-ws-security-dom/CVE-2014-3623.yml | 38.1.0 |
| 2026-04-01T12:50:13.649127+00:00 | GitLab Importer | Fixing | VCID-wmr9-j6fm-pbap | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.wss4j/wss4j-ws-security-dom/CVE-2014-3623.yml | 38.0.0 |