axis (SUSE:Linux Enterprise Module for Basesystem 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 package axis, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2018-8032 — CVSS 6.1 (medium): Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
CVE-2012-5784 — CVSS 5.8 (medium): Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message…
CVE-2014-3596 — CVSS 5.8 (medium): The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's…