Apache Santuario Xml Security For Java — known CVE vulnerabilities
Every CVE whose affected-product data names Apache Santuario Xml Security For Java, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-40690 — CVSS 7.5 (high): All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation"…
CVE-2023-44483 — CVSS 6.5 (medium): All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an…
CVE-2019-12400 — CVSS 5.5 (medium): In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a…
CVE-2014-8152 — CVSS 5.0 (medium): Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection…
CVE-2013-2172 — CVSS 4.3 (medium): jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before…
CVE-2013-4517 — CVSS 4.3 (medium): Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory…