home.social

#apachecxf — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #apachecxf, aggregated by home.social.

  1. CVE-2025-48913: Apache CXF (4.0.0/4.1.0) CRITICAL vuln enables RCE if untrusted users can set JMS with RMI/LDAP URLs. Upgrade to 3.6.8, 4.0.9, or 4.1.3 ASAP. 🔒 radar.offseq.com/threat/cve-20 #OffSeq #ApacheCXF #RCE #Vuln

  2. We forked #ApacheTika's 2x branch, and we're now requiring Java 11 in our main branch (3.x).

    There are so many dependencies that we can now upgrade, including #ApacheLucene, #ApacheCXF, #Jetty and so many others.

  3. @dashorst I was going to suggest using hashtags to broaden the discoverability of this toot, but the fact that there’s no autosuggest when I type #apachecxf is not a great sign I think. 😱

    If I recall correctly we used CXF (or at least kicked the tires on it) when building DigID Machtigen in 2007-2009. Along with Wicket and Spring. Not sure how much traction CXF had/still has?

    Oh, and there’s no shame talking XML/XSD. I’d prefer it over making everything YAML.