VulnerableCode Package Details - pkg:maven/org.apache.cxf/apache-cxf@3.4.4

Search for packages

Package details: pkg:maven/org.apache.cxf/apache-cxf@3.4.4

Essentials
History (2)

purl	pkg:maven/org.apache.cxf/apache-cxf@3.4.4

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-nm3a-xq11-sudn	Infinite loop in Apache CFX A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11.	CVE-2021-30468 GHSA-g23v-p5jq-jvh4

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T12:30:30.492417+00:00	GHSA Importer	Fixing	VCID-nm3a-xq11-sudn	https://github.com/advisories/GHSA-g23v-p5jq-jvh4	37.0.0
2025-07-31T09:00:55.259048+00:00	GithubOSV Importer	Fixing	VCID-nm3a-xq11-sudn	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/01/GHSA-g23v-p5jq-jvh4/GHSA-g23v-p5jq-jvh4.json	37.0.0