Apache : Security Vulnerabilities, CVEs, Published In August 2017 (Bypass)
Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.
Max CVSS
7.5
EPSS Score
0.11%
Published
2017-08-29
Updated
2017-09-02
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
Max CVSS
9.8
EPSS Score
0.16%
Published
2017-08-22
Updated
2017-08-29
The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request.
Max CVSS
9.8
EPSS Score
3.67%
Published
2017-08-08
Updated
2023-02-13
3 vulnerabilities found