Search for packages
Package details: pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.3
purl pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.3
Next non-vulnerable version 2.7.9
Latest non-vulnerable version 3.1.11
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-7uaz-br64-aaar
Aliases:
CVE-2014-0034
GHSA-38x2-fp9m-87mx
CVE-2014-0034 Apache CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid
2.7.9
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-m6hu-ghyn-aaan UsernameTokenPolicyValidator and UsernameTokenInterceptor allow empty passwords to authenticate When the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element. CVE-2013-0239
GHSA-p5c5-6564-vvr8

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:41:19.324040+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 36.1.3
2025-06-20T15:40:07.278064+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 36.1.3
2025-06-20T13:45:42.978847+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 36.1.3
2025-06-20T13:45:42.899292+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 36.1.3
2025-06-03T22:21:35.687029+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 36.1.0
2025-06-03T22:20:23.457305+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 36.1.0
2025-06-03T20:36:36.484271+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 36.1.0
2025-06-03T20:36:36.408397+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 36.1.0
2025-06-02T22:10:29.477763+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 36.1.2
2025-06-02T22:09:11.577527+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 36.1.2
2025-06-02T20:15:48.963237+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 36.1.2
2025-06-02T20:15:48.884057+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 36.1.2
2025-04-03T19:39:11.436389+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 36.0.0
2025-04-03T19:37:03.322581+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 36.0.0
2025-04-03T16:23:16.151427+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 36.0.0
2025-04-03T16:23:15.904559+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 36.0.0
2025-02-18T04:38:08.852520+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 35.1.0
2025-02-18T04:38:08.284354+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 35.1.0
2025-02-17T22:16:56.484640+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 35.1.0
2025-02-17T22:16:56.242257+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 35.1.0
2024-11-21T01:33:12.142961+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 35.0.0
2024-11-20T21:52:48.655593+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 35.0.0
2024-11-19T01:12:18.258694+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 34.3.2
2024-11-18T21:50:09.722274+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 34.3.2
2024-10-08T01:48:12.917620+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 34.0.2
2024-10-07T22:49:30.551767+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 34.0.2
2024-10-07T16:46:25.002048+00:00 GHSA Importer Affected by VCID-7uaz-br64-aaar https://github.com/advisories/GHSA-38x2-fp9m-87mx 34.0.2
2024-09-23T01:49:53.325773+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 34.0.1
2024-09-22T17:10:20.283667+00:00 GHSA Importer Affected by VCID-7uaz-br64-aaar https://github.com/advisories/GHSA-38x2-fp9m-87mx 34.0.1
2024-09-17T22:37:35.312180+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 34.0.1
2024-04-24T04:10:36.807451+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 34.0.0rc4
2024-04-24T04:10:36.204881+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 34.0.0rc4
2024-04-24T00:55:21.959938+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 34.0.0rc4
2024-04-24T00:55:21.690696+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 34.0.0rc4
2024-04-23T17:59:50.804857+00:00 GHSA Importer Affected by VCID-7uaz-br64-aaar https://github.com/advisories/GHSA-38x2-fp9m-87mx 34.0.0rc4
2024-04-23T17:59:49.901503+00:00 GHSA Importer Affected by VCID-7uaz-br64-aaar None 34.0.0rc4
2024-01-10T06:46:39.030498+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 34.0.0rc2
2024-01-10T06:46:38.438647+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 34.0.0rc2
2024-01-10T03:18:59.763978+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 34.0.0rc2
2024-01-10T03:18:59.493934+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 34.0.0rc2
2024-01-09T19:56:13.510066+00:00 GHSA Importer Affected by VCID-7uaz-br64-aaar https://github.com/advisories/GHSA-38x2-fp9m-87mx 34.0.0rc2
2024-01-09T19:56:12.641570+00:00 GHSA Importer Affected by VCID-7uaz-br64-aaar None 34.0.0rc2
2024-01-03T23:32:59.574965+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar None 34.0.0rc1
2024-01-03T23:32:58.972150+00:00 GitLab Importer Affected by VCID-7uaz-br64-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2014-0034.yml 34.0.0rc1
2024-01-03T19:56:38.114134+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan None 34.0.0rc1
2024-01-03T18:00:29.399762+00:00 GitLab Importer Fixing VCID-m6hu-ghyn-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cxf/cxf-rt-ws-security/CVE-2013-0239.yml 34.0.0rc1
2024-01-03T15:25:03.377564+00:00 GHSA Importer Affected by VCID-7uaz-br64-aaar None 34.0.0rc1