Apache Ws-Xmlrpc vulnerabilities
2 known vulnerabilities affecting apache/ws-xmlrpc.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2016-5003P2CRITICALCVSS 9.8v3.1.32017-10-27
CVE-2016-5003 [CRITICAL] CWE-502 CVE-2016-5003: The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers
The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an element.
nvd
CVE-2016-5004P4MEDIUMCVSS 6.5v3.1.32017-06-06
CVE-2016-5004 [MEDIUM] CWE-400 CVE-2016-5004: The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote
The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.
nvd