[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-46364":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":26,"downstream":27,"duplicates":46,"related":47,"reserved_at":9,"published_at":48,"modified_at":49,"state":50,"summary":51,"references_raw":60,"kevs":74,"epss":75,"epss_history":78,"metrics":353,"affected":362},"CVE-2022-46364","A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. ",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-918","Server-Side Request Forgery (SSRF)","The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.","weakness","Incomplete","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-664","Server Side Request Forgery",[],[],[25],"GHSA-x3x3-qwjq-8gj4",[],[28,30,32,34,36,38,40,42,44],{"_key":29},"RHSA-2023:0163",{"_key":31},"RHSA-2023:0552",{"_key":33},"RHSA-2023:0553",{"_key":35},"RHSA-2023:0554",{"_key":37},"RHSA-2024:10208",{"_key":39},"RHSA-2024:10207",{"_key":41},"RHSA-2023:1043",{"_key":43},"RHSA-2023:1044",{"_key":45},"RHSA-2023:1045",[],[],"2022-12-13T16:20:26.765Z","2025-04-22T02:48:36.211Z","Modified",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":53,"epss_score":54,"severity":55,"severity_score":56,"severity_version":57,"severity_source":58,"severity_vector":59,"severity_status":50},false,"low",0.00103,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[61,69],{"url":62,"sources":63,"tags":66},"https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2",[58,64,65],"nvd","osv_maven",[67,68],"Vendor Advisory","WEB",{"url":70,"sources":71,"tags":72},"https://nvd.nist.gov/vuln/detail/CVE-2022-46364",[65],[73],"Advisory",[],{"date":76,"score":54,"percentile":77},"2026-06-04",0.2773,[79,83,86,89,93,96,99,102,105,108,111,114,117,120,122,126,129,132,135,137,140,143,146,149,152,155,158,161,164,167,170,173,176,179,182,185,188,191,194,197,200,204,207,210,213,217,220,223,226,229,232,235,238,241,244,247,250,253,257,260,263,266,269,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,326,329,332,335,338,341,344,347,350],{"date":80,"score":81,"percentile":82},"2025-11-04",0.00095,0.27212,{"date":84,"score":81,"percentile":85},"2025-11-05",0.27199,{"date":87,"score":81,"percentile":88},"2025-11-06",0.27209,{"date":90,"score":91,"percentile":92},"2025-11-07",0.00108,0.29745,{"date":94,"score":91,"percentile":95},"2025-11-08",0.2975,{"date":97,"score":91,"percentile":98},"2025-11-09",0.29729,{"date":100,"score":91,"percentile":101},"2025-11-10",0.2971,{"date":103,"score":91,"percentile":104},"2025-11-11",0.29728,{"date":106,"score":91,"percentile":107},"2025-11-12",0.2977,{"date":109,"score":91,"percentile":110},"2025-11-13",0.29788,{"date":112,"score":91,"percentile":113},"2025-11-14",0.29785,{"date":115,"score":91,"percentile":116},"2025-11-15",0.29779,{"date":118,"score":91,"percentile":119},"2025-11-16",0.29755,{"date":121,"score":91,"percentile":98},"2025-11-17",{"date":123,"score":124,"percentile":125},"2025-11-18",0.01843,0.8149,{"date":127,"score":124,"percentile":128},"2025-11-19",0.81491,{"date":130,"score":124,"percentile":131},"2025-11-20",0.81496,{"date":133,"score":81,"percentile":134},"2025-11-21",0.27104,{"date":136,"score":81,"percentile":134},"2025-11-22",{"date":138,"score":81,"percentile":139},"2025-11-23",0.27063,{"date":141,"score":81,"percentile":142},"2025-11-24",0.27033,{"date":144,"score":81,"percentile":145},"2025-11-25",0.27025,{"date":147,"score":81,"percentile":148},"2025-11-26",0.27015,{"date":150,"score":81,"percentile":151},"2025-11-27",0.27023,{"date":153,"score":81,"percentile":154},"2025-11-28",0.26993,{"date":156,"score":81,"percentile":157},"2025-11-29",0.26977,{"date":159,"score":81,"percentile":160},"2025-11-30",0.26952,{"date":162,"score":81,"percentile":163},"2025-12-01",0.27006,{"date":165,"score":81,"percentile":166},"2025-12-02",0.27029,{"date":168,"score":91,"percentile":169},"2025-12-03",0.29764,{"date":171,"score":91,"percentile":172},"2025-12-04",0.29676,{"date":174,"score":91,"percentile":175},"2025-12-05",0.29709,{"date":177,"score":91,"percentile":178},"2025-12-06",0.29715,{"date":180,"score":91,"percentile":181},"2025-12-07",0.29687,{"date":183,"score":91,"percentile":184},"2025-12-08",0.29693,{"date":186,"score":91,"percentile":187},"2025-12-09",0.29752,{"date":189,"score":91,"percentile":190},"2025-12-10",0.29817,{"date":192,"score":91,"percentile":193},"2025-12-11",0.29847,{"date":195,"score":91,"percentile":196},"2025-12-12",0.29869,{"date":198,"score":91,"percentile":199},"2025-12-13",0.29871,{"date":201,"score":202,"percentile":203},"2025-12-14",0.00105,0.29245,{"date":205,"score":202,"percentile":206},"2025-12-15",0.29216,{"date":208,"score":202,"percentile":209},"2025-12-16",0.29235,{"date":211,"score":202,"percentile":212},"2025-12-17",0.29288,{"date":214,"score":215,"percentile":216},"2025-12-18",0.00092,0.26571,{"date":218,"score":215,"percentile":219},"2025-12-19",0.26581,{"date":221,"score":215,"percentile":222},"2025-12-20",0.26551,{"date":224,"score":215,"percentile":225},"2025-12-21",0.26514,{"date":227,"score":215,"percentile":228},"2025-12-22",0.26482,{"date":230,"score":215,"percentile":231},"2025-12-23",0.26449,{"date":233,"score":215,"percentile":234},"2025-12-24",0.26468,{"date":236,"score":215,"percentile":237},"2025-12-25",0.26542,{"date":239,"score":215,"percentile":240},"2025-12-26",0.26533,{"date":242,"score":215,"percentile":243},"2025-12-27",0.2652,{"date":245,"score":215,"percentile":246},"2025-12-28",0.26407,{"date":248,"score":215,"percentile":249},"2025-12-29",0.26374,{"date":251,"score":215,"percentile":252},"2025-12-30",0.26372,{"date":254,"score":255,"percentile":256},"2025-12-31",0.00118,0.31486,{"date":258,"score":255,"percentile":259},"2026-01-01",0.31626,{"date":261,"score":255,"percentile":262},"2026-01-02",0.31611,{"date":264,"score":255,"percentile":265},"2026-01-03",0.31594,{"date":267,"score":255,"percentile":268},"2026-01-04",0.31456,{"date":270,"score":271,"percentile":272},"2026-01-05",0.00135,0.33941,{"date":274,"score":271,"percentile":275},"2026-01-06",0.33953,{"date":277,"score":271,"percentile":278},"2026-01-07",0.3397,{"date":280,"score":271,"percentile":281},"2026-01-08",0.33997,{"date":283,"score":271,"percentile":284},"2026-01-09",0.33994,{"date":286,"score":271,"percentile":287},"2026-01-10",0.33995,{"date":289,"score":271,"percentile":290},"2026-01-11",0.33972,{"date":292,"score":271,"percentile":293},"2026-01-12",0.33904,{"date":295,"score":271,"percentile":296},"2026-01-13",0.33891,{"date":298,"score":271,"percentile":299},"2026-01-14",0.3393,{"date":301,"score":271,"percentile":302},"2026-01-15",0.33923,{"date":304,"score":271,"percentile":305},"2026-01-16",0.33945,{"date":307,"score":271,"percentile":308},"2026-01-17",0.33928,{"date":310,"score":271,"percentile":311},"2026-01-18",0.3387,{"date":313,"score":271,"percentile":314},"2026-01-19",0.33831,{"date":316,"score":271,"percentile":317},"2026-01-20",0.33814,{"date":319,"score":271,"percentile":320},"2026-01-21",0.33774,{"date":322,"score":271,"percentile":323},"2026-01-22",0.33752,{"date":325,"score":271,"percentile":317},"2026-01-23",{"date":327,"score":271,"percentile":328},"2026-01-24",0.33824,{"date":330,"score":271,"percentile":331},"2026-01-25",0.33762,{"date":333,"score":271,"percentile":334},"2026-01-26",0.33677,{"date":336,"score":271,"percentile":337},"2026-01-27",0.33667,{"date":339,"score":271,"percentile":340},"2026-01-28",0.33646,{"date":342,"score":271,"percentile":343},"2026-01-29",0.33607,{"date":345,"score":271,"percentile":346},"2026-01-30",0.33594,{"date":348,"score":271,"percentile":349},"2026-01-31",0.33602,{"date":351,"score":271,"percentile":352},"2026-02-01",0.337,[354,358,360],{"source":58,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":355,"cvss_v4_0":9},{"baseScore":56,"baseSeverity":356,"vectorString":59,"impactScore":56,"exploitabilityScore":357},"CRITICAL",10,{"source":64,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":359,"cvss_v4_0":9},{"baseScore":56,"baseSeverity":356,"vectorString":59,"impactScore":56,"exploitabilityScore":357},{"source":65,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":361,"cvss_v4_0":9},{"baseScore":56,"baseSeverity":9,"vectorString":59,"impactScore":56,"exploitabilityScore":357},[363,377,388],{"ecosystem":9,"name":364,"vendor":365,"product":366,"cpe_part":367,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":368},"Apache CXF","apache software foundation","apache cxf","a",[369,374],{"version":370,"is_range":371,"range_type":58,"version_start":9,"version_start_type":9,"version_end":372,"version_end_type":373,"fixed_in":9},"\u003C 3.5.5",true,"3.5.5","excluding",{"version":375,"is_range":371,"range_type":58,"version_start":9,"version_start_type":9,"version_end":376,"version_end_type":373,"fixed_in":9},"\u003C 3.4.10","3.4.10",{"ecosystem":9,"name":378,"vendor":379,"product":378,"cpe_part":367,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":380},"cxf","apache",[381,384],{"version":382,"is_range":371,"range_type":383,"version_start":9,"version_start_type":9,"version_end":376,"version_end_type":373,"fixed_in":9},"lt3.4.10","cpe",{"version":385,"is_range":371,"range_type":383,"version_start":386,"version_start_type":387,"version_end":372,"version_end_type":373,"fixed_in":9},"gte3.5.0_lt3.5.5","3.5.0","including",{"ecosystem":389,"name":390,"vendor":391,"product":392,"cpe_part":9,"purl_type":393,"purl_namespace":391,"purl_name":392,"source":9,"versions":394},"Maven","org.apache.cxf:cxf-core","org.apache.cxf","cxf-core","maven",[395,398],{"version":396,"is_range":371,"range_type":397,"version_start":9,"version_start_type":9,"version_end":376,"version_end_type":373,"fixed_in":9},"lt3_4_10","ecosystem",{"version":399,"is_range":371,"range_type":397,"version_start":386,"version_start_type":387,"version_end":372,"version_end_type":373,"fixed_in":9},"gte3_5_0_lt3_5_5"]