CVE-2013-2172
CVSS v2.0
4.3 (Medium)
EPSS
0.49 % (76th)
Affected Products
1
Advisories
3
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."
Weaknesses
- CWE-310
- Cryptographic Issues
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2013-08-20 22:55:04
(11 years ago) - Updated Date
-
2023-04-18 19:06:25
(17 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...