[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2012-2378":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":21,"downstream":22,"duplicates":27,"related":28,"reserved_at":9,"published_at":29,"modified_at":30,"state":31,"summary":32,"references_raw":41,"kevs":140,"epss":141,"epss_history":144,"metrics":398,"affected":403},"CVE-2012-2378","Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-264","Permissions, Privileges, and Access Controls","Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.","category","Obsolete",[],[],[20],"GHSA-vjpc-vf4f-82qg",[],[23,25],{"_key":24},"RHSA-2012:1591",{"_key":26},"RHSA-2012:1592",[],[],"2013-01-05T00:00:00.000Z","2024-08-06T19:34:24.327Z","Modified",{"cisa_kev":33,"cisa_ransomware":33,"cisa_vendor":9,"epss_severity":34,"epss_score":35,"severity":36,"severity_score":37,"severity_version":38,"severity_source":39,"severity_vector":40,"severity_status":31},false,"low",0.04238,"medium",4.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:P/I:N/A:N",[42,51,57,62,68,72,76,80,86,90,94,98,102,106,111,116,120,124,128,132,136],{"url":43,"sources":44,"tags":47},"http://rhn.redhat.com/errata/RHSA-2012-1594.html",[45,39,46],"cve.org","osv_maven",[48,49,50],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":52,"sources":53,"tags":54},"http://secunia.com/advisories/51607",[45,39,46],[55,56,48,50],"Third Party Advisory","X Refsource SECUNIA",{"url":58,"sources":59,"tags":60},"http://cxf.apache.org/cve-2012-2378.html",[45,39,46],[61,48,50],"X Refsource CONFIRM",{"url":63,"sources":64,"tags":65},"http://www.securityfocus.com/bid/53880",[45,39,46],[66,67,50],"VDB Entry","X Refsource BID",{"url":69,"sources":70,"tags":71},"http://rhn.redhat.com/errata/RHSA-2012-1592.html",[45,39,46],[48,49,50],{"url":73,"sources":74,"tags":75},"http://rhn.redhat.com/errata/RHSA-2012-1591.html",[45,39,46],[48,49,50],{"url":77,"sources":78,"tags":79},"http://svn.apache.org/viewvc?view=revision&revision=1337150",[45,39,46],[61,50],{"url":81,"sources":82,"tags":83},"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E",[45,39,46],[84,85,50],"Mailing List","X Refsource MLIST",{"url":87,"sources":88,"tags":89},"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E",[45,39,46],[84,85,50],{"url":91,"sources":92,"tags":93},"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E",[45,39,46],[84,85,50],{"url":95,"sources":96,"tags":97},"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E",[45,39,46],[84,85,50],{"url":99,"sources":100,"tags":101},"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E",[45,39,46],[84,85,50],{"url":103,"sources":104,"tags":105},"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E",[45,39,46],[84,85,50],{"url":107,"sources":108,"tags":109},"https://nvd.nist.gov/vuln/detail/CVE-2012-2378",[46],[110],"Advisory",{"url":112,"sources":113,"tags":114},"https://github.com/apache/cxf",[46],[115],"PACKAGE",{"url":117,"sources":118,"tags":119},"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E",[46],[50],{"url":121,"sources":122,"tags":123},"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E",[46],[50],{"url":125,"sources":126,"tags":127},"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E",[46],[50],{"url":129,"sources":130,"tags":131},"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E",[46],[50],{"url":133,"sources":134,"tags":135},"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E",[46],[50],{"url":137,"sources":138,"tags":139},"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E",[46],[50],[],{"date":142,"score":35,"percentile":143},"2026-06-04",0.88966,[145,148,150,153,156,159,161,164,167,170,173,176,179,182,184,187,190,193,196,199,202,204,207,209,212,215,218,221,224,226,229,232,235,238,240,242,245,248,251,254,257,259,262,265,268,271,274,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,323,325,328,331,334,337,340,342,344,347,350,353,356,358,361,364,367,370,373,376,379,382,385,388,391,393,395],{"date":146,"score":35,"percentile":147},"2025-11-04",0.88257,{"date":149,"score":35,"percentile":147},"2025-11-05",{"date":151,"score":35,"percentile":152},"2025-11-06",0.88249,{"date":154,"score":35,"percentile":155},"2025-11-07",0.88256,{"date":157,"score":35,"percentile":158},"2025-11-08",0.88259,{"date":160,"score":35,"percentile":155},"2025-11-09",{"date":162,"score":35,"percentile":163},"2025-11-10",0.88255,{"date":165,"score":35,"percentile":166},"2025-11-11",0.88261,{"date":168,"score":35,"percentile":169},"2025-11-12",0.8827,{"date":171,"score":35,"percentile":172},"2025-11-13",0.88275,{"date":174,"score":35,"percentile":175},"2025-11-14",0.8828,{"date":177,"score":35,"percentile":178},"2025-11-15",0.88274,{"date":180,"score":35,"percentile":181},"2025-11-16",0.88278,{"date":183,"score":35,"percentile":178},"2025-11-17",{"date":185,"score":35,"percentile":186},"2025-11-18",0.87658,{"date":188,"score":35,"percentile":189},"2025-11-19",0.87664,{"date":191,"score":35,"percentile":192},"2025-11-20",0.87669,{"date":194,"score":35,"percentile":195},"2025-11-21",0.88289,{"date":197,"score":35,"percentile":198},"2025-11-22",0.88288,{"date":200,"score":35,"percentile":201},"2025-11-23",0.88284,{"date":203,"score":35,"percentile":201},"2025-11-24",{"date":205,"score":35,"percentile":206},"2025-11-25",0.88285,{"date":208,"score":35,"percentile":206},"2025-11-26",{"date":210,"score":35,"percentile":211},"2025-11-27",0.88286,{"date":213,"score":35,"percentile":214},"2025-11-28",0.88277,{"date":216,"score":35,"percentile":217},"2025-11-29",0.88351,{"date":219,"score":35,"percentile":220},"2025-11-30",0.88348,{"date":222,"score":35,"percentile":223},"2025-12-01",0.88408,{"date":225,"score":35,"percentile":223},"2025-12-02",{"date":227,"score":35,"percentile":228},"2025-12-03",0.88406,{"date":230,"score":35,"percentile":231},"2025-12-04",0.88347,{"date":233,"score":35,"percentile":234},"2025-12-05",0.88349,{"date":236,"score":35,"percentile":237},"2025-12-06",0.8835,{"date":239,"score":35,"percentile":237},"2025-12-07",{"date":241,"score":35,"percentile":217},"2025-12-08",{"date":243,"score":35,"percentile":244},"2025-12-09",0.88364,{"date":246,"score":35,"percentile":247},"2025-12-10",0.88382,{"date":249,"score":35,"percentile":250},"2025-12-11",0.88385,{"date":252,"score":35,"percentile":253},"2025-12-12",0.88387,{"date":255,"score":35,"percentile":256},"2025-12-13",0.88389,{"date":258,"score":35,"percentile":253},"2025-12-14",{"date":260,"score":35,"percentile":261},"2025-12-15",0.8839,{"date":263,"score":35,"percentile":264},"2025-12-16",0.88393,{"date":266,"score":35,"percentile":267},"2025-12-17",0.88398,{"date":269,"score":35,"percentile":270},"2025-12-18",0.884,{"date":272,"score":35,"percentile":273},"2025-12-19",0.88402,{"date":275,"score":35,"percentile":270},"2025-12-20",{"date":277,"score":35,"percentile":278},"2025-12-21",0.88409,{"date":280,"score":35,"percentile":281},"2025-12-22",0.88407,{"date":283,"score":35,"percentile":284},"2025-12-23",0.88412,{"date":286,"score":35,"percentile":287},"2025-12-24",0.88416,{"date":289,"score":35,"percentile":290},"2025-12-25",0.88426,{"date":292,"score":35,"percentile":293},"2025-12-26",0.88424,{"date":295,"score":35,"percentile":296},"2025-12-27",0.88469,{"date":298,"score":35,"percentile":299},"2025-12-28",0.88417,{"date":301,"score":35,"percentile":302},"2025-12-29",0.88413,{"date":304,"score":35,"percentile":305},"2025-12-30",0.88419,{"date":307,"score":35,"percentile":308},"2025-12-31",0.88428,{"date":310,"score":35,"percentile":311},"2026-01-01",0.88492,{"date":313,"score":35,"percentile":314},"2026-01-02",0.88487,{"date":316,"score":35,"percentile":317},"2026-01-03",0.88484,{"date":319,"score":35,"percentile":320},"2026-01-04",0.88422,{"date":322,"score":35,"percentile":299},"2026-01-05",{"date":324,"score":35,"percentile":320},"2026-01-06",{"date":326,"score":35,"percentile":327},"2026-01-07",0.88425,{"date":329,"score":35,"percentile":330},"2026-01-08",0.8843,{"date":332,"score":35,"percentile":333},"2026-01-09",0.88434,{"date":335,"score":35,"percentile":336},"2026-01-10",0.88437,{"date":338,"score":35,"percentile":339},"2026-01-11",0.88429,{"date":341,"score":35,"percentile":308},"2026-01-12",{"date":343,"score":35,"percentile":290},"2026-01-13",{"date":345,"score":35,"percentile":346},"2026-01-14",0.88439,{"date":348,"score":35,"percentile":349},"2026-01-15",0.88442,{"date":351,"score":35,"percentile":352},"2026-01-16",0.88448,{"date":354,"score":35,"percentile":355},"2026-01-17",0.88449,{"date":357,"score":35,"percentile":355},"2026-01-18",{"date":359,"score":35,"percentile":360},"2026-01-19",0.88447,{"date":362,"score":35,"percentile":363},"2026-01-20",0.8845,{"date":365,"score":35,"percentile":366},"2026-01-21",0.88454,{"date":368,"score":35,"percentile":369},"2026-01-22",0.88458,{"date":371,"score":35,"percentile":372},"2026-01-23",0.88472,{"date":374,"score":35,"percentile":375},"2026-01-24",0.88479,{"date":377,"score":35,"percentile":378},"2026-01-25",0.88475,{"date":380,"score":35,"percentile":381},"2026-01-26",0.88476,{"date":383,"score":35,"percentile":384},"2026-01-27",0.88477,{"date":386,"score":35,"percentile":387},"2026-01-28",0.8848,{"date":389,"score":35,"percentile":390},"2026-01-29",0.88485,{"date":392,"score":35,"percentile":314},"2026-01-30",{"date":394,"score":35,"percentile":390},"2026-01-31",{"date":396,"score":35,"percentile":397},"2026-02-01",0.8855,[399],{"source":39,"cvss_v2_0":400,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":37,"baseSeverity":9,"vectorString":40,"impactScore":401,"exploitabilityScore":402},2.9,8.6,[404,424],{"ecosystem":9,"name":405,"vendor":406,"product":405,"cpe_part":407,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":408},"cxf","apache","a",[409,412,414,416,418,420,422],{"version":410,"is_range":33,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.4.5","cpe",{"version":413,"is_range":33,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.4.6",{"version":415,"is_range":33,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.4.7",{"version":417,"is_range":33,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.5.1",{"version":419,"is_range":33,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.5.2",{"version":421,"is_range":33,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.5.3",{"version":423,"is_range":33,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.6.0",{"ecosystem":425,"name":426,"vendor":427,"product":405,"cpe_part":9,"purl_type":428,"purl_namespace":427,"purl_name":405,"source":9,"versions":429},"Maven","org.apache.cxf:cxf","org.apache.cxf","maven",[430,437,439],{"version":431,"is_range":432,"range_type":433,"version_start":410,"version_start_type":434,"version_end":435,"version_end_type":436,"fixed_in":9},"gte2_4_5_lt2_4_8",true,"ecosystem","including","2.4.8","excluding",{"version":438,"is_range":432,"range_type":433,"version_start":417,"version_start_type":434,"version_end":421,"version_end_type":436,"fixed_in":9},"gte2_5_1_lt2_5_3",{"version":440,"is_range":432,"range_type":433,"version_start":423,"version_start_type":434,"version_end":441,"version_end_type":436,"fixed_in":9},"gte2_6_0_lt2_6_1","2.6.1"]