Vulnerabilities > Apache > Juddi > 3.2.1

DATE CVE VULNERABILITY TITLE RISK
2021-07-29 CVE-2021-37578 Deserialization of Untrusted Data vulnerability in Apache Juddi
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services.
network
low complexity
apache CWE-502
critical
 9.8
9.8
2018-02-09 CVE-2018-1307 XXE vulnerability in Apache Juddi
In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java classes, which parse a local or remote XML document and then mediates the data structures into UDDI data structures, there are little protections present against entity expansion and DTD type of attacks.
network
high complexity
apache CWE-611
8.1
8.1