Package impact
MAVEN / org.apache.neethi:neethi
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42403 | high | 7.5 | 7.5 | 1mo ago | Apache Neethi does not properly detect circular references in policy definitions. | |||
| CVE-2026-42402 | high | 7.5 | 7.5 | 1mo ago | Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization | |||
| CVE-2026-42404 | high | 7.2 | 7.2 | 29d ago | Apache Neethi doesn't impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API |