Back to bug 2155682
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Zack Miele | 2022-12-21 21:22:12 UTC | Doc Text | A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. | A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. |
| Zack Miele | 2022-12-21 21:22:56 UTC | CC | aboyko, aileenc, alazarot, anstephe, avibelli, balejosg, bgeorges, boliveir, clement.escoffier, dandread, emingora, fmongiar, gjospin, gmalinko, gsmet, hamadhan, ibek, janstey, jcantril, jnethert, jolee, jpavlik, jpoth, jrokos, jschatte, jstastny, kverlaen, lthon, max.andersen, mnovotny, pdelbell, pdrozd, peholase, periklis, pgallagh, probinso, pskopek, rguimara, rrajasek, rruss, rsvoboda, sbiarozk, sdouglas, sthorger, tcunning, yfang | |
| Paige Jung | 2022-12-21 21:58:17 UTC | Doc Text | A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. | A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. |
| Red Hat Bugzilla | 2022-12-31 23:43:24 UTC | CC | aboyko | |
| Ger-Jan te Dorsthorst | 2023-01-03 09:30:08 UTC | CC | gtedorst | |
| Doc Type | --- | If docs needed, set a value | ||
| errata-xmlrpc | 2023-01-12 20:50:55 UTC | Link ID | Red Hat Product Errata RHSA-2023:0164 | |
| errata-xmlrpc | 2023-01-12 20:52:28 UTC | Link ID | Red Hat Product Errata RHSA-2023:0163 | |
| errata-xmlrpc | 2023-01-26 21:55:54 UTC | Link ID | Red Hat Product Errata RHSA-2023:0483 | |
| errata-xmlrpc | 2023-01-30 17:12:12 UTC | Link ID | Red Hat Product Errata RHSA-2023:0544 | |
| errata-xmlrpc | 2023-01-31 13:11:20 UTC | Link ID | Red Hat Product Errata RHSA-2023:0553 | |
| errata-xmlrpc | 2023-01-31 13:15:18 UTC | Link ID | Red Hat Product Errata RHSA-2023:0552 | |
| errata-xmlrpc | 2023-01-31 13:18:51 UTC | Link ID | Red Hat Product Errata RHSA-2023:0554 | |
| errata-xmlrpc | 2023-01-31 13:20:08 UTC | Link ID | Red Hat Product Errata RHSA-2023:0556 | |
| Product Security DevOps Team | 2023-02-02 07:55:59 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2023-02-02 07:55:59 UTC | |||
| errata-xmlrpc | 2023-03-01 21:43:58 UTC | Link ID | Red Hat Product Errata RHSA-2023:1043 | |
| errata-xmlrpc | 2023-03-01 21:46:26 UTC | Link ID | Red Hat Product Errata RHSA-2023:1044 | |
| errata-xmlrpc | 2023-03-01 21:48:55 UTC | Link ID | Red Hat Product Errata RHSA-2023:1045 | |
| errata-xmlrpc | 2023-03-01 21:49:57 UTC | Link ID | Red Hat Product Errata RHSA-2023:1047 | |
| errata-xmlrpc | 2023-03-01 21:59:54 UTC | Link ID | Red Hat Product Errata RHSA-2023:1049 | |
| errata-xmlrpc | 2023-03-16 07:57:14 UTC | Link ID | Red Hat Product Errata RHSA-2023:1285 | |
| errata-xmlrpc | 2023-03-16 09:31:32 UTC | Link ID | Red Hat Product Errata RHSA-2023:1286 | |
| Sam Fowler | 2023-04-20 01:34:57 UTC | CC | sfowler | |
| errata-xmlrpc | 2023-04-27 00:48:56 UTC | Link ID | Red Hat Product Errata RHSA-2023:2041 | |
| errata-xmlrpc | 2023-05-04 15:57:23 UTC | Link ID | Red Hat Product Errata RHSA-2023:2135 | |
| errata-xmlrpc | 2023-06-15 15:24:22 UTC | Link ID | Red Hat Product Errata RHSA-2023:3641 | |
| errata-xmlrpc | 2023-06-29 20:08:09 UTC | Link ID | Red Hat Product Errata RHSA-2023:3954 |
Back to bug 2155682