This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The following security advisories have been issued in connection with the Santuario Project.

2014

2013

  • CVE-2013-4517: Java XML Signature DoS Attack
  • CVE-2013-2210: Apache Santuario XML Security for C++ contains a heap overflow during XPointer evaluation
  • CVE-2013-2172: Java XML Signature spoofing attack
  • CVE-2013-2153: Apache Santuario XML Security for C++ contains an XML Signature Bypass issue
  • CVE-2013-2154: Apache Santuario XML Security for C++ contains a stack overflow during XPointer evaluation
  • CVE-2013-2155: Apache Santuario XML Security for C++ contains denial of service and hash length bypass issues while processing HMAC signatures
  • CVE-2013-2156: Apache Santuario XML Security for C++ contains heap overflow while processing InclusiveNamespace PrefixList

...