pkg:maven/org.apache.santuario/xmlsec
Type
maven
Namespace
org.apache.santuario
Name
xmlsec
Known advisories, vulnerabilities and fixes for org.apache.santuario/xmlsec package.
High
1
Moderate
7
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 1.5.6 |
CVE-2013-4517
|
MAVEN:GHSA-4P4W-6H54-G885 | Improper Input Validation in Apache Santuario XML Security | moderate |
2022-05-13T01:05:55
(2 years ago) |
|
Fixed | = 1.5.6 |
CVE-2013-4517
|
MAVEN:GHSA-4P4W-6H54-G885 | Improper Input Validation in Apache Santuario XML Security | moderate |
2022-05-13T01:05:55
(2 years ago) |
|
Affected | >= 2.0.3, < 2.1.4 |
CVE-2019-12400
|
MAVEN:GHSA-4Q98-WR72-H35W | Improper input validation in Apache Santuario XML Security for Java | moderate |
2019-08-27T17:41:33
(5 years ago) |
|
Fixed | = 2.1.4 |
CVE-2019-12400
|
MAVEN:GHSA-4Q98-WR72-H35W | Improper input validation in Apache Santuario XML Security for Java | moderate |
2019-08-27T17:41:33
(5 years ago) |
|
Affected | >= 1.5.0, < 1.5.3 >= 1.4.0, < 1.4.8 |
CVE-2013-5823
|
MAVEN:GHSA-8GWC-X7MG-7P7P | Apache XML Security For Java vulnerable to Infinite Loop | moderate |
2022-05-14T00:02:32
(2 years ago) |
|
Fixed | = 1.5.3 = 1.4.8 |
CVE-2013-5823
|
MAVEN:GHSA-8GWC-X7MG-7P7P | Apache XML Security For Java vulnerable to Infinite Loop | moderate |
2022-05-14T00:02:32
(2 years ago) |
|
Affected | >= 1.4.0, < 1.4.3 |
CVE-2009-0217
|
MAVEN:GHSA-8HFM-837H-HJG5 | Apache XML Security For Java vulnerable to authentication bypass by HMAC truncation | moderate |
2022-05-02T03:13:38
(2 years ago) |
|
Fixed | = 1.4.3 |
CVE-2009-0217
|
MAVEN:GHSA-8HFM-837H-HJG5 | Apache XML Security For Java vulnerable to authentication bypass by HMAC truncation | moderate |
2022-05-02T03:13:38
(2 years ago) |
|
Affected | < 2.1.7 >= 2.2.0, < 2.2.3 |
CVE-2021-40690
|
MAVEN:GHSA-J8WC-GXX9-82HX | Exposure of Sensitive Information to an Unauthorized Actor in Apache Santuario | high |
2021-09-20T23:18:41
(3 years ago) |
|
Fixed | = 2.1.7 = 2.2.3 |
CVE-2021-40690
|
MAVEN:GHSA-J8WC-GXX9-82HX | Exposure of Sensitive Information to an Unauthorized Actor in Apache Santuario | high |
2021-09-20T23:18:41
(3 years ago) |
|
Affected | >= 1.5.0, < 1.5.5 >= 1.4.0, < 1.4.8 |
CVE-2013-2172
|
MAVEN:GHSA-R237-W2W6-JQ3P | Inefficient Algorithmic Complexity in Apache Santuario XML Security | moderate |
2022-05-13T01:05:56
(2 years ago) |
|
Fixed | = 1.5.5 = 1.4.8 |
CVE-2013-2172
|
MAVEN:GHSA-R237-W2W6-JQ3P | Inefficient Algorithmic Complexity in Apache Santuario XML Security | moderate |
2022-05-13T01:05:56
(2 years ago) |
|
Affected | >= 2.0.0, < 2.0.3 |
CVE-2014-8152
|
MAVEN:GHSA-W7CQ-J9P9-HM3M | Improper Input Validation in Apache Santuario XML Security | moderate |
2022-05-13T01:05:55
(2 years ago) |
|
Fixed | = 2.0.3 |
CVE-2014-8152
|
MAVEN:GHSA-W7CQ-J9P9-HM3M | Improper Input Validation in Apache Santuario XML Security | moderate |
2022-05-13T01:05:55
(2 years ago) |
|
Affected | >= 3.0.0, < 3.0.3 < 2.2.6 >= 2.3.0, < 2.3.4 |
CVE-2023-44483
|
MAVEN:GHSA-XFRJ-6VVC-3XM2 | Apache Santuario - XML Security for Java are vulnerable to private key disclosure | moderate |
2023-10-20T12:31:04
(11 months ago) |
|
Fixed | = 3.0.3 = 2.2.6 = 2.3.4 |
CVE-2023-44483
|
MAVEN:GHSA-XFRJ-6VVC-3XM2 | Apache Santuario - XML Security for Java are vulnerable to private key disclosure | moderate |
2023-10-20T12:31:04
(11 months ago) |