EUVD-2022-5065

Malicious code in bioql PyPI...

Debian: Security Advisory (DLA-85-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2028-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-R237-W2W6-JQ3P Inefficient Algorithmic Complexity in Apache Santuario XML Security

jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization...

Spoofable XML Signature

Apache Santuario XML Security is vulnerable to Spoofable XML Signature. The use of weak CanonicalizationMethod in jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an...

DLA-85-1 libxml-security-java - security update

Bulletin has no description...

Debian DSA-3065-1 : libxml-security-java - security update

James Forshaw discovered that, in Apache Santuario XML Security for Java, CanonicalizationMethod parameters were incorrectly validated: by specifying an arbitrary weak canonicalization algorithm, an attacker could spoof XML signatures. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] [DSA 3065-1] libxml-security-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3065-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 06, 2014 http://www.debian.org/security/faq -...

DSA-3065-1 libxml-security-java - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3065-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated xml-security package fixes security vulnerability

James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures CVE-2013-2172...

MGASA-2014-0002 Updated xml-security package fixes security vulnerability

James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures CVE-2013-2172...

[USN-2028-1] Apache XML Security for Java vulnerability

========================================================================== Ubuntu Security Notice USN-2028-1 November 12, 2013 libxml-security-java vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

USN-2028-1: Apache XML Security for Java vulnerability

James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures...

CVE-2013-2172

jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization...

CVE-2013-2172

jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization...

CVE-2013-2172

jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization...

Apache XML Security签名伪造漏洞

CVE ID:CVE-2013-2172 Apache XML Security是一个XML安全标准下的数字签名实现 XML签名包含一个"CanonicalizationMethod"参数用于指定应用于签名的SignedInfo部分所需的规范化算法canonicalization algorithm。而实际是XML签名的Apache Santuario XML Security for Java实现允许把任意算法指定给此参数，可被利用对XML签名进行伪造攻击 0 Apache XML Security Java 1.5.x Apache XML Security Java 1.4.x...