Multiple vulnerabilities have been found in Apache XML-RPC, the worst of which could result in arbitrary code execution.
Package | dev-java/xmlrpc on all architectures |
---|---|
Affected versions | <= 3.1.3 |
Unaffected versions |
Apache XML-RPC (previously known as Helma XML-RPC) is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls.
Multiple vulnerabilities have been discovered in Apache XML-RPC. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
Gentoo has discontinued support for Apache XML-RPC. We recommend that users unmerge it:
# emerge --ask --depclean "dev-java/xmlrpc"
Release date
January 22, 2024
Latest revision
January 22, 2024: 1
Severity
normal
Exploitable
remote
Bugzilla entries