| |
Podatność CVE-2024-32007
Publikacja: 2024-07-19
| Opis: |
An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.
|
Typ:
CWE-20 (Improper Input Validation)
Referencje: |
https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English