CVE-2017-12624: Uncontrolled Resource Consumption

November 14, 2017 (updated October 3, 2019)

It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider.

References

cxf.apache.org/security-advisories.data/CVE-2017-12624.txt.asc
www.securityfocus.com/bid/101859
www.securitytracker.com/id/1040486
nvd.nist.gov/vuln/detail/CVE-2017-12624

Code Behaviors & Features

Detect and mitigate CVE-2017-12624 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →