This content is viewable by Everyone
High Vulnerability In Apache CXF before 3.5.5 and 3.4.10
Apache released an advisory to address a vulnerability in CXF before 3.5.5 and 3.4.10. An attacker could exploit this vulnerability to perform SSRF style attacks on webservices that take at least one parameter of any type.
For a complete description of the vulnerabilities and affected systems go to CVE-2022-46364: Apache CXF SSRF Vulnerability.