Apache : Security Vulnerabilities, CVEs, Published In June 2017 (Denial of service)

CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.
Max CVSS
6.5
EPSS Score
0.22%
Published
2017-06-06
Updated
2017-06-16

CVE-2015-5175

Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before 1.2.1 allow remote attackers to cause a denial of service.
Max CVSS
7.5
EPSS Score
4.50%
Published
2017-06-07
Updated
2021-06-16

CVE-2015-3254

The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
Max CVSS
6.5
EPSS Score
0.52%
Published
2017-06-16
Updated
2023-02-13
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close