Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
CVE-2019-0227: wrong link #1
I'm checking this Axis vulnerability as part of the Debian LTS team.
In your disclosure you mention a SSRF patch from Apache, but the link points to an old 2017 binary Jenkins build of Axis.
Is the SSRF patch referenced under this CVE?
Yup that was a mistake we are getting that fixed. Here is the maintained version. https://travis-ci.org/apache/axis1-java