CVE-2015-5175 – org.apache.cxf.fediz:fediz-core

Package

Manager: maven
Name: org.apache.cxf.fediz:fediz-core
Vulnerable Version: >=0 <1.1.3 || >=1.2 <1.2.1

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.13564 pctl0.93979

Details

Apache CXF Fediz application plugins are vulnerable to Denial of Service (DoS) attacks Application plugins in Apache CXF Fediz prior to version 1.1.3 and 1.2.x prior to 1.2.1 allow remote attackers to create a denial of service.

Metadata

Created: 2018-10-18T16:57:00Z
Modified: 2022-09-13T23:37:01Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-3357-829x-m9pr/GHSA-3357-829x-m9pr.json
CWE IDs: ["CWE-20"]
Alternative ID: GHSA-3357-829x-m9pr
Finding: F184
Auto approve: 1