Lucene search

K
cvelistRedhatCVELIST:CVE-2013-2153
HistoryAug 20, 2013 - 10:00 p.m.

CVE-2013-2153

2013-08-2022:00:00
redhat
www.cve.org
2

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.5%

The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to reuse signatures and spoof arbitrary content via crafted Reference elements in the Signature, aka “XML Signature Bypass issue.”

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.5%