Every CVE whose affected-product data names Apache Juddi, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-37578 — CVSS 9.8 (critical): Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate…
CVE-2018-1307 — CVSS 8.1 (high): In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java classes, which parse a local or remote XML document and then…
CVE-2009-4267 — CVSS 6.5 (medium): The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the…
CVE-2009-1198 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to inject arbitrary web script or HTML via the…
CVE-2015-5241 — CVSS 6.1 (medium): After logging into the portal, the logout jsp page redirects the browser back to the login page after. It is feasible for malicious users…
CVE-2009-1197 — CVSS 5.3 (medium): Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp.