VDB
GCVE-110-MAGEIA-2014-552
GCVE-110-MAGEIA-2014-552
Advisory Published
Updated wss4j packages fixes security vulnerability:
Apache WSS4J before 1.6.17, when using TransportBinding, does not properly
enforce the SAML SubjectConfirmation method security semantics, which allows
remote attackers to conduct spoofing attacks via unspecified vectors
(CVE-2014-3623).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | wss4j | 0 (affected), 1.6.17-1.mga4 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.