The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-10-30T14:00:00
Updated: 2024-08-06T10:50:17.625Z
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3584
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-10-30T14:55:07.660
Modified: 2024-11-21T02:08:27.013
Link: CVE-2014-3584
Redhat