This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Apache Santuario

Skip to end of metadata
Go to start of metadata

The following security advisories have been issued in connection with the Santuario Project.

2014

2013

  • CVE-2013-4517: Java XML Signature DoS Attack
  • CVE-2013-2210: Apache Santuario XML Security for C++ contains a heap overflow during XPointer evaluation
  • CVE-2013-2172: Java XML Signature spoofing attack
  • CVE-2013-2153: Apache Santuario XML Security for C++ contains an XML Signature Bypass issue
  • CVE-2013-2154: Apache Santuario XML Security for C++ contains a stack overflow during XPointer evaluation
  • CVE-2013-2155: Apache Santuario XML Security for C++ contains denial of service and hash length bypass issues while processing HMAC signatures
  • CVE-2013-2156: Apache Santuario XML Security for C++ contains heap overflow while processing InclusiveNamespace PrefixList

2011

  • CVE-2011-2516: Apache Santuario XML Security for C++ contains buffer overflows signing or verifying with large keys.
  • No labels

0 Comments