THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
2017
- CVE-2017-3156: Apache CXF OAuth2 Hawk and JOSE MAC Validation code is vulnerable to the timing attacks
2016
- CVE-2016-8739: Atom entity provider of Apache CXF JAX-RS is vulnerable to XXE
- CVE-2016-6812: XSS risk in Apache CXF FormattedServiceListWriter when a request URL contains matrix parameters
- CVE-2016-4464: Apache CXF Fediz application plugins do not match the SAML AudienceRestriction values against the list of configured audience URIs
...