What is CVE-2014-0110?

CVE-2014-0110 is a vulnerability in Apache Cxf, classified under CWE-399. Published 2014-05-08.

Is CVE-2014-0110 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Cxf

CVE-2014-0110

Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message.

EPSS: 0.061 (90.9th percentile) — read the EPSS interpretation.

Affected products

Apache Cxf — versions 2.4.0, 2.4.1, 2.4.2
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

n0-traces/cve_

References

secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
RHSA-2015:0850 (x_refsource_REDHAT, vendor-advisory)
RHSA-2015:0851 (x_refsource_REDHAT, vendor-advisory)
1030202 (vdb-entry, x_refsource_SECTRACK)
RHSA-2014:1351 (x_refsource_REDHAT, vendor-advisory)
[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html (mailing-list, x_refsource_MLIST)
[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html (mailing-list, x_refsource_MLIST)
[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html (mailing-list, x_refsource_MLIST)
[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html (mailing-list, x_refsource_MLIST)
[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2014-0110?: CVE-2014-0110 is a vulnerability in Apache Cxf, classified under CWE-399. Published 2014-05-08.
Is CVE-2014-0110 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.