CVE-2024-29736 | Apache CXF up to 3.5.8/3.6.3/4.0.4 WADL Stylesheet server-side request forgery

Inserito da Angelo Barbosa | Lug 18, 2024 | CVE

A vulnerability was found in Apache CXF up to 3.5.8/3.6.3/4.0.4. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WADL Stylesheet Handler. The manipulation leads to server-side request forgery.

This vulnerability is known as CVE-2024-29736. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29736 | Apache CXF up to 3.5.8/3.6.3/4.0.4 WADL Stylesheet server-side request forgery

Post correlati

CVE-2024-24785 | html-template up to 1.21.7/1.22.0 on Go MarshalJSON neutralization

CVE-2023-35835 | SolaX Pocket WiFi up to 3.001.02 Initial Configuration improper authentication

CVE-2023-49245 | Huawei HarmonyOS/EMUI Share Module access control

CVE-2024-35299 | JetBrains YouTrack prior 2024.1.29548 SMTPS certificate validation