3 matches found
Unity Linux 20.1070e Security Update: xml-security (UTSA-2025-988626)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988626 advisory. All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key...
PT-2024-22687 · Amazon · Amazon S3
Name of the Vulnerable Software and Affected Versions: CarrierWave versions prior to 2.2.6 CarrierWave versions prior to 3.0.7 Description: The issue is caused by the fact that when uploading to object storage, including Amazon S3, it is possible to set a Content-Type value that is interpreted by...
PT-2023-6589 · Apache +1 · Apache Santuario Xml Security For Java +1
Name of the Vulnerable Software and Affected Versions: Apache Santuario - XML Security for Java versions prior to 2.2.6 Apache Santuario - XML Security for Java versions prior to 2.3.4 Apache Santuario - XML Security for Java versions prior to 3.0.3 Description: The issue is related to the...