2016
- CVE-2016-4464: Apache CXF Fediz application plugins do not match the SAML AudienceRestriction values against the list of configured audience URIs
2015
- CVE-2015-5253: Apache CXF SAML SSO processing is vulnerable to a wrapping attack
- CVE-2015-5175: Apache CXF Fediz application plugins are vulnerable to Denial of Service (DoS) attacks
...