VDB
CVE-2012-2379
CVE-2012-2379
PUBLISHED
Reported by redhat · Published January 3, 2013
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
| Maven | org.apache.cxf:cxf | 2.4.0, 2.4.0 |
Timeline
- Jan 3, 2013 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
- Sep 6, 2023 EPSS Score
References
- RHSA-2012:1559 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- RHSA-2013:0192 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0198 vendor-advisoryx_refsource_REDHAT
- RHSA-2012:1594 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0195 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0196 vendor-advisoryx_refsource_REDHAT
- 51607 third-party-advisoryx_refsource_SECUNIA
- RHSA-2013:0193 vendor-advisoryx_refsource_REDHAT
- 51984 third-party-advisoryx_refsource_SECUNIA
- RHSA-2012:1592 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- RHSA-2013:0191 vendor-advisoryx_refsource_REDHAT
- RHSA-2012:1593 vendor-advisoryx_refsource_REDHAT
- RHSA-2012:1573 vendor-advisoryx_refsource_REDHAT
- RHSA-2012:1591 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0197 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0194 vendor-advisoryx_refsource_REDHAT
- [cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html mailing-listx_refsource_MLIST
- [cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html mailing-listx_refsource_MLIST
…and 12 more