Uploaded image for project: 'FORTRESS'
  1. FORTRESS
  2. FC-228

[fortress-rest] CVE-2017-12624: Apache CXF web services that process attachments are vulnerable to Denial of Service (DoS) attacks

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.0.0
    • 2.0.1
    • None

    Description

      per described here: http://cxf.apache.org/security-advisories.data/CVE-2017-12624.txt.asc

      upgrade CXF:
      <cxf.version>3.2.1</cxf.version>
      <dependency>
      <groupId>org.apache.cxf</groupId>
      <artifactId>cxf-core</artifactId>
      <version>3.2.1</version>
      </dependency>

      Attachments

        Activity

          People

            smckinney Shawn McKinney
            smckinney Shawn McKinney
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: