Search for packages
Package details: pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.11
purl pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.11
Next non-vulnerable version 3.3.10
Latest non-vulnerable version 3.4.3
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-gtfj-ry3n-aaae
Aliases:
CVE-2020-13954
GHSA-64x2-gq24-75pv
Cross-site scripting in Apache CXF
3.3.8
Affected by 1 other vulnerability.
3.4.1
Affected by 1 other vulnerability.
VCID-zggp-qr1y-aaaf
Aliases:
CVE-2021-22696
GHSA-7q4h-pj78-j7vg
Authorization service vulnerable to DDos attacks in Apache CFX
3.3.10
Affected by 0 other vulnerabilities.
3.4.3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-vq6d-cmr8-aaah Denial of Service (DoS) via invalid JAX-RS SAML tokens The `SamlHeaderInHandler` in this package allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service. CVE-2014-3584
GHSA-gw5j-77f9-v2g2

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:40:46.182082+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.1.3
2025-06-20T15:40:24.461493+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.1.3
2025-06-20T15:00:47.413807+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.1.3
2025-06-20T15:00:46.802937+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.1.3
2025-06-20T14:53:18.057209+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.1.3
2025-06-20T14:53:13.522097+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.1.3
2025-06-03T22:21:02.908941+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.1.0
2025-06-03T22:20:41.626613+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.1.0
2025-06-03T21:44:02.572443+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.1.0
2025-06-03T21:44:02.053845+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.1.0
2025-06-03T21:36:57.004109+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.1.0
2025-06-03T21:36:52.202788+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.1.0
2025-06-02T22:09:53.506574+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.1.2
2025-06-02T22:09:29.864158+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.1.2
2025-06-02T21:27:39.175240+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.1.2
2025-06-02T21:27:38.524188+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.1.2
2025-06-02T21:19:31.666134+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.1.2
2025-06-02T21:19:26.451199+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.1.2
2025-04-03T19:38:07.683830+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 36.0.0
2025-04-03T19:37:31.937264+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 36.0.0
2025-04-03T18:17:18.952942+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 36.0.0
2025-04-03T18:17:17.343955+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 36.0.0
2025-04-03T18:02:37.557398+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 36.0.0
2025-04-03T18:02:24.879232+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 36.0.0
2025-02-18T06:28:04.857609+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 35.1.0
2025-02-18T06:28:04.291603+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 35.1.0
2025-02-18T00:02:52.367359+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 35.1.0
2025-02-18T00:02:44.939105+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 35.1.0
2025-02-17T23:33:19.647420+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 35.1.0
2025-02-17T23:33:12.649200+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 35.1.0
2025-01-17T02:29:29.740423+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 35.1.0
2024-11-21T02:31:58.112354+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 35.0.0
2024-11-20T22:59:08.044964+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 35.0.0
2024-11-20T22:37:47.419288+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 35.0.0
2024-11-19T02:15:18.483229+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.3.2
2024-11-18T22:45:46.108731+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.3.2
2024-11-18T22:29:02.451327+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.3.2
2024-10-15T18:09:16.470938+00:00 GithubOSV Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gw5j-77f9-v2g2/GHSA-gw5j-77f9-v2g2.json 34.0.2
2024-10-08T02:49:23.696230+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.2
2024-10-07T23:45:59.710565+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.2
2024-10-07T23:29:43.844923+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.2
2024-10-07T16:54:28.378808+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.2
2024-09-23T00:00:15.813281+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.1
2024-09-22T23:43:46.207298+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.1
2024-09-18T09:11:58.281370+00:00 GithubOSV Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gw5j-77f9-v2g2/GHSA-gw5j-77f9-v2g2.json 34.0.1
2024-09-17T22:37:35.926802+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.1
2024-09-17T22:00:01.904099+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.1
2024-04-24T05:21:25.150733+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.0rc4
2024-04-24T05:21:24.582421+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc4
2024-04-24T02:02:58.168903+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 34.0.0rc4
2024-04-24T02:02:52.879273+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.0rc4
2024-04-24T01:45:01.031193+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 34.0.0rc4
2024-04-24T01:44:56.120723+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.0rc4
2024-04-23T23:07:19.923721+00:00 GithubOSV Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gw5j-77f9-v2g2/GHSA-gw5j-77f9-v2g2.json 34.0.0rc4
2024-04-23T18:03:19.292926+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc4
2024-04-23T18:03:18.544671+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.0rc4
2024-01-10T07:53:07.936833+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.0rc2
2024-01-10T07:53:07.370635+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc2
2024-01-10T04:35:43.077262+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 34.0.0rc2
2024-01-10T04:35:37.861718+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.0rc2
2024-01-10T04:16:06.114965+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 34.0.0rc2
2024-01-10T04:16:01.199340+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.0rc2
2024-01-09T19:59:04.693069+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc2
2024-01-09T19:59:03.867014+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.0rc2
2024-01-04T00:38:15.553038+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc1
2024-01-03T21:22:31.646913+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf None 34.0.0rc1
2024-01-03T21:22:26.270246+00:00 GitLab Importer Affected by VCID-zggp-qr1y-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2021-22696.yml 34.0.0rc1
2024-01-03T21:00:12.028788+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae None 34.0.0rc1
2024-01-03T21:00:07.016690+00:00 GitLab Importer Affected by VCID-gtfj-ry3n-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2020-13954.yml 34.0.0rc1
2024-01-03T18:00:30.007498+00:00 GitLab Importer Fixing VCID-vq6d-cmr8-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-frontend-jaxrs/CVE-2014-3584.yml 34.0.0rc1
2024-01-03T17:36:26.074002+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah https://github.com/advisories/GHSA-gw5j-77f9-v2g2 34.0.0rc1
2024-01-03T15:27:17.186424+00:00 GHSA Importer Fixing VCID-vq6d-cmr8-aaah None 34.0.0rc1