THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
2014
- CVE-2014-0109: HTML content posted to SOAP endpoint could cause OOM errors
- CVE-2014-0110: Large invalid content could cause temporary space to fill
- CVE-2014-0034: The SecurityTokenService accepts certain invalid SAML Tokens as valid
- CVE-2014-0035: UsernameTokens are sent in plaintext with a Symmetric EncryptBeforeSigning policy
2013
- CVE-2013-2160 - Denial of Service Attacks on Apache CXF
- Note on CVE-2012-5575 - XML Encryption backwards compatibility attack on Apache CXF.
- CVE-2013-0239 - Authentication bypass in the case of WS-SecurityPolicy enabled plaintext UsernameTokens.
...