Apache Santuario_xml_security_for_java
6 CVEs affecting Apache Santuario_xml_security_for_java. Latest disclosed: 2023-10-20. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-40690 | High | 7.5 | 2021-09-19 | All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passe… |
CVE-2023-44483 | Medium | 6.5 | 2023-10-20 | All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a priva… |
CVE-2019-12400 | Medium | 5.5 | 2019-08-23 | In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of Docum… |
CVE-2014-8152 | | 2015-01-21 | Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML… | |
CVE-2013-4517 | | 2014-01-11 | Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via cr… | |
CVE-2013-2172 | | 2013-08-20 | jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dep… |