Uploaded image for project: 'FORTRESS'
  1. FORTRESS
  2. FC-228

[fortress-rest] CVE-2017-12624: Apache CXF web services that process attachments are vulnerable to Denial of Service (DoS) attacks

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.0
    • Fix Version/s: 2.0.1
    • Labels:
      None

      Description

      per described here: http://cxf.apache.org/security-advisories.data/CVE-2017-12624.txt.asc

      upgrade CXF:
      <cxf.version>3.2.1</cxf.version>
      <dependency>
      <groupId>org.apache.cxf</groupId>
      <artifactId>cxf-core</artifactId>
      <version>3.2.1</version>
      </dependency>

        Attachments

          Activity

            People

            • Assignee:
              smckinney Shawn McKinney
              Reporter:
              smckinney Shawn McKinney
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: