[
https://issues.apache.org/jira/browse/CXF-8706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17651023#comment-17651023
]
Andriy Redko commented on CXF-8706:
---
Thanks [~cqlin]
> Did this prompted the new CVE-2022-46364: Apache
[
https://issues.apache.org/jira/browse/CXF-8706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17650941#comment-17650941
]
Chunqing Lin commented on CXF-8706:
---
[~bergers] , this is not limited MTOM, basically it is part of the
[
https://issues.apache.org/jira/browse/CXF-8706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17649529#comment-17649529
]
Andriy Redko commented on CXF-8706:
---
[~bergers] the fix disables arbitrary data sources by default, w/o
[
https://issues.apache.org/jira/browse/CXF-8706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17649304#comment-17649304
]
Stefan Berger commented on CXF-8706:
I don't think this is limited to MTOM enabled only.
I can send