Date: Tue, 19 Mar 2024 03:15:40 +0000 (UTC)
Message-ID: <314145201.54044.1710818140578@cwiki-he-fi.apache.org>
Subject: Exported From Confluence
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_54043_302352257.1710818140578"
------=_Part_54043_302352257.1710818140578
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Location: file:///C:/exported.html
secadv
secadv
For information on how to =
report a new security problem please see here. The following security advisories have be=
en issued in connection with the Santuario Project.
2023
- CVE-2023-44483: Apache Santuari=
o: Private Key disclosure in debug-log output
2021
2019
- CVE-2019-12400: Apache Santuario pote=
ntially loads XML parsing code from an untrusted source
2014
2013
- CVE-2013-4517: Java XML Signature =
DoS Attack
- CVE-2013-2210: Apache Santuario XML Securi=
ty for C++ contains a heap overflow during XPointer evaluation
- CVE-2013-2172: Java XML Signature =
spoofing attack
- CVE-2013-2153: Apache Santuario XML Securi=
ty for C++ contains an XML Signature Bypass issue
- CVE-2013-2154: Apache Santuario XML Securi=
ty for C++ contains a stack overflow during XPointer evaluation
- CVE-2013-2155: Apache Santuario XML Securi=
ty for C++ contains denial of service and hash length bypass issues while p=
rocessing HMAC signatures
- CVE-2013-2156: Apache Santuario XML Securi=
ty for C++ contains heap overflow while processing InclusiveNamespace Prefi=
xList
2011
- CVE-2011-2516: Apache Santuario XML Securi=
ty for C++ contains buffer overflows signing or verifying with large keys.<=
/li>
------=_Part_54043_302352257.1710818140578--