CVE-2017-5653: JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that the service response w
Summary
CVE-2017-5653 is a security flaw in Apache CXF (a framework for building web services) versions before 3.1.11 and 3.0.13, where JAX-RS (Java API for REST web services) XML clients do not properly validate responses from services. This could allow attackers to exploit how the software processes XML data from web services it communicates with.
Vulnerability Details
5
EPSS: 3.2%
Classification
Taxonomy References
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2017-5653
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 65%