Vulnerabilities > Apache > WS Xmlrpc > 3.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-27 | CVE-2016-5003 | Deserialization of Untrusted Data vulnerability in Apache Ws-Xmlrpc 3.1.3 The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element. | 9.8 |
| 2017-06-06 | CVE-2016-5004 | Resource Exhaustion vulnerability in Apache Ws-Xmlrpc 3.1.3 The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes. | 4.3 |