Apache Xml Security For C++ — known CVE vulnerabilities
Every CVE whose affected-product data names Apache Xml Security For C++, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2013-2154 — CVSS 7.5 (high): Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for…
CVE-2013-2156 — CVSS 7.5 (high): Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML…
CVE-2013-2210 — CVSS 7.5 (high): Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ (aka xml-security-c)…
CVE-2013-2155 — CVSS 5.8 (medium): Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 does not properly validate length values, which allows remote…
CVE-2011-2516 — CVSS 5.0 (medium): Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other…
CVE-2013-2153 — CVSS 4.3 (medium): The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before…