You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

  • CVE-2012-2378 - Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on the client side.
  • Note on CVE-2011-1096 - XML Encryption flaw / Character pattern encoding attack.
  • CVE-2012-0803 - Apache CXF does not validate UsernameToken policies correctly.
  • CVE-2010-2076 - DTD based XML attacks.
  • No labels