THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
2020
- CVE-2020-1954: Apache CXF JMX Integration is vulnerable to a MITM attack
2019
- CVE-2019-17573: Apache CXF Reflected XSS in the services listing page
- CVE-2019-12423: Apache CXF OpenId Connect JWK Keys service returns private/secret credentials if configured with a jwk keystore
- CVE-2019-12419: Apache CXF OpenId Connect token service does not properly validate the clientId
- CVE-2019-12406: Apache CXF does not restrict the number of message attachments
...