Описание
Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.0396
Низкий
5 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
ubuntu
около 11 лет назад
Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document.
redhat
около 11 лет назад
Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document.
debian
около 11 лет назад
Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remot ...
CVSS3: 5.3
github
больше 3 лет назад
Improper Input Validation in Apache Santuario XML Security
EPSS
Процентиль: 88%
0.0396
Низкий
5 Medium
CVSS2
Дефекты
CWE-254