| Release | Version |
|---|---|
| jessie | 1.4-22 |
| jessie (lts) | 1.4-21+deb8u1 |
| stretch | 1.4-25+deb9u1 |
| buster | 1.4-28+deb10u1 |
| bullseye | 1.4-28+deb11u1 |
| bookworm | 1.4-28+deb12u1 |
| trixie | 1.4-29 |
| sid | 1.4-29 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-51441 | vulnerable (no DSA, postponed) | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | ** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerabilit ... |
| CVE-2023-40743 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | ** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0227 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A Server Side Request Forgery (SSRF) vulnerability affected the Apache ... |
| CVE-2007-2353 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Apache Axis 1.0 allows remote attackers to obtain sensitive informatio ... |
| Bug | Description |
|---|---|
| CVE-2018-8032 | Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site ... |
| CVE-2014-3596 | The getCN function in Apache Axis 1.4 and earlier does not properly ve ... |
| CVE-2012-5784 | Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Ma ... |
| CVE-2010-2103 | Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/en ... |
| DSA / DLA | Description |
|---|---|
| ELA-1128-1 | axis - security update |
| DLA-3622-1 | axis - security update |
| DLA-2821-1 | axis - security update |
| DLA-169-1 | axis - security update |