cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <>
Subject New security advisory CVE-2017-12624 released for Apache CXF
Date Tue, 14 Nov 2017 13:32:50 GMT
A new security advisory has been released for Apache CXF, that is fixed in
the recent 3.2.1 and 3.1.14 releases:

CVE-2017-12624: Apache CXF web services that process attachments are
vulnerable to Denial of Service (DoS) attacks

The full text of the advisory is available here:


Colm O hEigeartaigh

Talend Community Coder

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message