VYPR

Ws Xmlrpc

by Apache

CVEs (2)

  • CVE-2016-5003CriOct 27, 2017
    risk 0.65cvss 9.8epss 0.15

    The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.

  • CVE-2016-5004MedJun 6, 2017
    risk 0.43cvss 6.5epss 0.06

    The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.