CNNVD-202507-2005 Information
CNNVD ID
CNNVD-202507-2005
Related CVE
- CNNVD Published: 2025-07-15
Description (Chinese)
Apache CXF是美国阿帕奇(Apache)基金会的一个开源的Web服务框架。该框架支持多种Web服务标准、多种前端编程API等。 Apache CXF存在安全漏洞,该漏洞源于临时文件处理不当,可能导致拒绝服务和信息泄露。
Description (English)
Apache CXF is an open-source Web service framework for the Apache Foundation in the United States. The framework supports various Web service standards, multiple front-end programming APIs, etc. There is a security gap in Apache CXF, which stems from the mishandling of temporary documents, which could lead to the denial of services and the disclosure of information.
Hazard Level
High
Vulnerability Type
资源管理错误
Affected Vendor
阿帕奇
Published
2025-07-15
Last Modified
2026-02-24
References
https://lists.apache.org/thread/vo5qv02mvv5plmb6z2xf1ktjmrpv3jmn https://access.redhat.com/security/cve/cve-2025-48795 https://www.oracle.com/security-alerts/cpuoct2025.html https://www.oracle.com/security-alerts/cpujan2026.html https://nvd.nist.gov/vuln/detail/CVE-2025-48795