cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <>
Subject Two new security advisories released for Apache CXF Fediz
Date Tue, 16 May 2017 15:58:20 GMT

Two new security advisories are released that are fixed in the latest
Apache CXF Fediz releases:

a) CVE-2017-7661: The Apache CXF Fediz Jetty and Spring plugins are
vulnerable to CSRF attacks.

b) CVE-2017-7662: The Apache CXF Fediz OIDC Client Registration Service is
vulnerable to CSRF attacks

The security advisory texts are available at the following link - please
read them carefully if you are an Apache CXF Fediz user:


Colm O hEigeartaigh

Talend Community Coder

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message