By sending a specially-crafted message containing an overly large number of message attachments, a remote attacker could exploit this vulnerability to cause a denial of service condition.ĬVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)ĭESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when ships with OpenId Connect JWK Keys service. DESCRIPTION: IBM Security Guardium stores user credentials in plain clear text which can be read by a local privileged user.ĬVSS Temporal Score: See: for the current score.ĬVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)ĭESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of message attachments present in a given message.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |