This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Apache CXF™ is an open source services framework. CXF helps you build and develop services using frontend programming APIs, like JAX-WS and JAX-RS. These services can speak a variety of protocols such as SOAP, XML/HTTP, RESTful HTTP, or CORBA and work over a variety of transports such as HTTP, JMS or JBI.


August 3, 2017 - Apache CXF 2.6.17 released!

Apache CXF 2.6.17 has been released. This is a once-off release to fix some security advisories that have been fixed in more recent versions of CXF. CXF users should try as much as possible to upgrade to a more recent and supported version of CXF.

The advisories fixed in this release are as follows:

 - CVE-2014-3577
 - CVE-2014-3623
 - CVE-2015-5253
 - CVE-2016-8739
 - CVE-2016-6812
 - CVE-2017-5656

June 29, 2017 - Apache CXF 3.1.12/3.0.14 released!