Apache: >> Ws-Xmlrpc Security Vulnerabilities
The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.
CVSS Score
9.8
EPSS Score
0.385
Published
2017-10-27
The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.
CVSS Score
6.5
EPSS Score
0.015
Published
2017-06-06