CNNVD-202508-751 Information

CNNVD ID

CNNVD-202508-751

Related CVE

CVE-2025-48913

• CNNVD Published: 2025-08-08

Description (Chinese)

Apache CXF是美国阿帕奇（Apache）基金会的一个开源的Web服务框架。该框架支持多种Web服务标准、多种前端编程API等。 Apache CXF存在安全漏洞，该漏洞源于允许配置JMS时使用RMI或LDAP URL，可能导致远程代码执行。

Description (English)

Apache CXF is an open-source Web service framework for the Apache Foundation in the United States. The framework supports various Web service standards, multiple front-end programming APIs, etc. There is a security loophole in Apache CXF, which stems from the use of RMI or LDAP URL when allowing the configuration of JMS, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-08-08

Last Modified

2026-02-24

References

https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83 https://access.redhat.com/security/cve/cve-2025-48913

Patch

https://cxf.apache.org/download.html