A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. 
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-12-13T16:20:26.765Z

Updated: 2024-08-03T14:31:46.249Z

Reserved: 2022-12-02T08:07:46.894Z

Link: CVE-2022-46364

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-12-13T17:15:17.587

Modified: 2023-11-07T03:55:35.660

Link: CVE-2022-46364

cve-icon Redhat

Severity : Important

Publid Date: 2022-12-13T00:00:00Z

Links: CVE-2022-46364 - Bugzilla