Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.santuario/xmlsec@1.5.2
Typemaven
Namespaceorg.apache.santuario
Namexmlsec
Version1.5.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.1.7
Latest_non_vulnerable_version3.0.3
Affected_by_vulnerabilities
0
url VCID-46y3-rx34-pyc6
vulnerability_id VCID-46y3-rx34-pyc6
summary 
Exposure of Sensitive Information to an Unauthorized Actor
All versions of Apache Santuario - XML Security for Java is vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40690.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40690
reference_id
reference_type
scores
0
value 0.00278
scoring_system epss
scoring_elements 0.51318
published_at 2026-04-18T12:55:00Z
1
value 0.00278
scoring_system epss
scoring_elements 0.5131
published_at 2026-04-16T12:55:00Z
2
value 0.00278
scoring_system epss
scoring_elements 0.51271
published_at 2026-04-13T12:55:00Z
3
value 0.00278
scoring_system epss
scoring_elements 0.51284
published_at 2026-04-12T12:55:00Z
4
value 0.00278
scoring_system epss
scoring_elements 0.51173
published_at 2026-04-01T12:55:00Z
5
value 0.00278
scoring_system epss
scoring_elements 0.51306
published_at 2026-04-11T12:55:00Z
6
value 0.00278
scoring_system epss
scoring_elements 0.51262
published_at 2026-04-09T12:55:00Z
7
value 0.00278
scoring_system epss
scoring_elements 0.51265
published_at 2026-04-08T12:55:00Z
8
value 0.00278
scoring_system epss
scoring_elements 0.5121
published_at 2026-04-07T12:55:00Z
9
value 0.00278
scoring_system epss
scoring_elements 0.51251
published_at 2026-04-04T12:55:00Z
10
value 0.00278
scoring_system epss
scoring_elements 0.51225
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40690
3
reference_url https://issues.apache.org/jira/browse/CXF-8613
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/CXF-8613
4
reference_url https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa@%3Ccommits.tomee.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r401ecb7274794f040cd757b259ebe3e8c463ae74f7961209ccad3c59@%3Cissues.cxf.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r401ecb7274794f040cd757b259ebe3e8c463ae74f7961209ccad3c59@%3Cissues.cxf.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r8a5c0ce9014bd07303aec1e5eed55951704878016465d3dae00e0c28@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8a5c0ce9014bd07303aec1e5eed55951704878016465d3dae00e0c28@%3Ccommits.tomee.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r9c100d53c84d54cf71975e3f0cfcc2856a8846554a04c99390156ce4@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9c100d53c84d54cf71975e3f0cfcc2856a8846554a04c99390156ce4@%3Ccommits.tomee.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/raf352f95c19c0c4051af3180752cb69acbea88d0d066ab176c6170e8@%3Cuser.poi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raf352f95c19c0c4051af3180752cb69acbea88d0d066ab176c6170e8@%3Cuser.poi.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rbbbac0759b12472abd0c278d32b5e0867bb21934df8e14e5e641597c@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbbbac0759b12472abd0c278d32b5e0867bb21934df8e14e5e641597c@%3Ccommits.tomee.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rbdac116aef912b563da54f4c152222c0754e32fb2f785519ac5e059f@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbdac116aef912b563da54f4c152222c0754e32fb2f785519ac5e059f@%3Ccommits.tomee.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/re294cfc61f509512874ea514d8d64fd276253d54ac378ffa7a4880c8@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re294cfc61f509512874ea514d8d64fd276253d54ac378ffa7a4880c8@%3Ccommits.tomee.apache.org%3E
13
reference_url https://lists.debian.org/debian-lts-announce/2021/09/msg00015.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/09/msg00015.html
14
reference_url https://security.netapp.com/advisory/ntap-20230818-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230818-0002
15
reference_url https://security.netapp.com/advisory/ntap-20230818-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20230818-0002/
16
reference_url https://www.debian.org/security/2021/dsa-5010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5010
17
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
18
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2011190
reference_id 2011190
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2011190
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994569
reference_id 994569
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994569
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40690
reference_id CVE-2021-40690
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40690
22
reference_url https://github.com/advisories/GHSA-j8wc-gxx9-82hx
reference_id GHSA-j8wc-gxx9-82hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8wc-gxx9-82hx
23
reference_url https://access.redhat.com/errata/RHSA-2021:4679
reference_id RHSA-2021:4679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4679
24
reference_url https://access.redhat.com/errata/RHSA-2021:5149
reference_id RHSA-2021:5149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5149
25
reference_url https://access.redhat.com/errata/RHSA-2021:5150
reference_id RHSA-2021:5150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5150
26
reference_url https://access.redhat.com/errata/RHSA-2021:5151
reference_id RHSA-2021:5151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5151
27
reference_url https://access.redhat.com/errata/RHSA-2021:5154
reference_id RHSA-2021:5154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5154
28
reference_url https://access.redhat.com/errata/RHSA-2021:5170
reference_id RHSA-2021:5170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5170
29
reference_url https://access.redhat.com/errata/RHSA-2022:0146
reference_id RHSA-2022:0146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0146
30
reference_url https://access.redhat.com/errata/RHSA-2022:0151
reference_id RHSA-2022:0151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0151
31
reference_url https://access.redhat.com/errata/RHSA-2022:0152
reference_id RHSA-2022:0152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0152
32
reference_url https://access.redhat.com/errata/RHSA-2022:0155
reference_id RHSA-2022:0155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0155
33
reference_url https://access.redhat.com/errata/RHSA-2022:0164
reference_id RHSA-2022:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0164
34
reference_url https://access.redhat.com/errata/RHSA-2022:0501
reference_id RHSA-2022:0501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0501
35
reference_url https://access.redhat.com/errata/RHSA-2022:1013
reference_id RHSA-2022:1013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1013
36
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
37
reference_url https://access.redhat.com/errata/RHSA-2022:6407
reference_id RHSA-2022:6407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6407
38
reference_url https://usn.ubuntu.com/5525-1/
reference_id USN-5525-1
reference_type
scores
url https://usn.ubuntu.com/5525-1/
fixed_packages
0
url pkg:maven/org.apache.santuario/xmlsec@2.1.7
purl pkg:maven/org.apache.santuario/xmlsec@2.1.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@2.1.7
1
url pkg:maven/org.apache.santuario/xmlsec@2.2.3
purl pkg:maven/org.apache.santuario/xmlsec@2.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@2.2.3
aliases CVE-2021-40690, GHSA-j8wc-gxx9-82hx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-46y3-rx34-pyc6
1
url VCID-64x5-tgkj-9qb9
vulnerability_id VCID-64x5-tgkj-9qb9
summary jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1207.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1208.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1209.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-1217.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1217.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-1218.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1218.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-1219.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1219.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2013-1220.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1220.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2013-1375.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1375.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2013-1437.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1437.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2013-1853.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1853.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-0212.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0212.html
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2172.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2172.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2172
reference_id
reference_type
scores
0
value 0.05394
scoring_system epss
scoring_elements 0.90141
published_at 2026-04-18T12:55:00Z
1
value 0.05394
scoring_system epss
scoring_elements 0.90081
published_at 2026-04-01T12:55:00Z
2
value 0.05394
scoring_system epss
scoring_elements 0.90084
published_at 2026-04-02T12:55:00Z
3
value 0.05394
scoring_system epss
scoring_elements 0.90095
published_at 2026-04-04T12:55:00Z
4
value 0.05394
scoring_system epss
scoring_elements 0.901
published_at 2026-04-07T12:55:00Z
5
value 0.05394
scoring_system epss
scoring_elements 0.90115
published_at 2026-04-08T12:55:00Z
6
value 0.05394
scoring_system epss
scoring_elements 0.90121
published_at 2026-04-09T12:55:00Z
7
value 0.05394
scoring_system epss
scoring_elements 0.9013
published_at 2026-04-11T12:55:00Z
8
value 0.05394
scoring_system epss
scoring_elements 0.90129
published_at 2026-04-12T12:55:00Z
9
value 0.05394
scoring_system epss
scoring_elements 0.90123
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2172
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2172
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2172
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2172
15
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
16
reference_url https://github.com/apache/santuario-java
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/santuario-java
17
reference_url https://github.com/apache/santuario-java/commit/25e0e11493b061749f778030036cb5c406b34590
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/santuario-java/commit/25e0e11493b061749f778030036cb5c406b34590
18
reference_url https://github.com/apache/santuario-java/commit/8e8f8bf92a43608d7d5f9e357fae19244454a61f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/santuario-java/commit/8e8f8bf92a43608d7d5f9e357fae19244454a61f
19
reference_url https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3@%3Ccommits.santuario.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3@%3Ccommits.santuario.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd@%3Ccommits.santuario.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd@%3Ccommits.santuario.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2172
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-2172
24
reference_url http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java?r1=1353876&r2=1493772&pathrev=1493772&diff_format=h
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java?r1=1353876&r2=1493772&pathrev=1493772&diff_format=h
25
reference_url https://web.archive.org/web/20160317145515/http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160317145515/http://www.securityfocus.com/archive/1/534161/100/0/threaded
26
reference_url https://web.archive.org/web/20200228060314/http://www.securityfocus.com/bid/60846
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228060314/http://www.securityfocus.com/bid/60846
27
reference_url http://www.debian.org/security/2014/dsa-3065
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-3065
28
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
29
reference_url http://www.ubuntu.com/usn/USN-2028-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2028-1
30
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
31
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720375
reference_id 720375
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720375
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=999263
reference_id 999263
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=999263
33
reference_url http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc
reference_id CVE-2013-2172.TXT.ASC
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc
34
reference_url https://github.com/advisories/GHSA-r237-w2w6-jq3p
reference_id GHSA-r237-w2w6-jq3p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r237-w2w6-jq3p
35
reference_url https://access.redhat.com/errata/RHSA-2013:1207
reference_id RHSA-2013:1207
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1207
36
reference_url https://access.redhat.com/errata/RHSA-2013:1208
reference_id RHSA-2013:1208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1208
37
reference_url https://access.redhat.com/errata/RHSA-2013:1209
reference_id RHSA-2013:1209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1209
38
reference_url https://access.redhat.com/errata/RHSA-2013:1217
reference_id RHSA-2013:1217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1217
39
reference_url https://access.redhat.com/errata/RHSA-2013:1218
reference_id RHSA-2013:1218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1218
40
reference_url https://access.redhat.com/errata/RHSA-2013:1219
reference_id RHSA-2013:1219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1219
41
reference_url https://access.redhat.com/errata/RHSA-2013:1220
reference_id RHSA-2013:1220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1220
42
reference_url https://access.redhat.com/errata/RHSA-2013:1375
reference_id RHSA-2013:1375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1375
43
reference_url https://access.redhat.com/errata/RHSA-2013:1437
reference_id RHSA-2013:1437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1437
44
reference_url https://access.redhat.com/errata/RHSA-2013:1853
reference_id RHSA-2013:1853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1853
45
reference_url https://access.redhat.com/errata/RHSA-2014:0212
reference_id RHSA-2014:0212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0212
46
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
47
reference_url https://access.redhat.com/errata/RHSA-2014:1369
reference_id RHSA-2014:1369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1369
48
reference_url https://usn.ubuntu.com/2028-1/
reference_id USN-2028-1
reference_type
scores
url https://usn.ubuntu.com/2028-1/
fixed_packages
0
url pkg:maven/org.apache.santuario/xmlsec@1.5.5
purl pkg:maven/org.apache.santuario/xmlsec@1.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46y3-rx34-pyc6
1
vulnerability VCID-h8wa-77tk-m3av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.5.5
aliases CVE-2013-2172, GHSA-r237-w2w6-jq3p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64x5-tgkj-9qb9
2
url VCID-6q4h-4h6p-nufq
vulnerability_id VCID-6q4h-4h6p-nufq
summary Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
references
0
reference_url http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/a7758faab30d
reference_id
reference_type
scores
url http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/a7758faab30d
1
reference_url https://access.redhat.com/errata/RHSA-2014:0414
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0414
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5823.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5823.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5823
reference_id
reference_type
scores
0
value 0.04936
scoring_system epss
scoring_elements 0.89642
published_at 2026-04-18T12:55:00Z
1
value 0.04936
scoring_system epss
scoring_elements 0.89588
published_at 2026-04-01T12:55:00Z
2
value 0.04936
scoring_system epss
scoring_elements 0.89591
published_at 2026-04-02T12:55:00Z
3
value 0.04936
scoring_system epss
scoring_elements 0.89604
published_at 2026-04-04T12:55:00Z
4
value 0.04936
scoring_system epss
scoring_elements 0.89605
published_at 2026-04-07T12:55:00Z
5
value 0.04936
scoring_system epss
scoring_elements 0.89622
published_at 2026-04-08T12:55:00Z
6
value 0.04936
scoring_system epss
scoring_elements 0.89627
published_at 2026-04-09T12:55:00Z
7
value 0.04936
scoring_system epss
scoring_elements 0.89634
published_at 2026-04-11T12:55:00Z
8
value 0.04936
scoring_system epss
scoring_elements 0.89633
published_at 2026-04-12T12:55:00Z
9
value 0.04936
scoring_system epss
scoring_elements 0.89626
published_at 2026-04-13T12:55:00Z
10
value 0.04936
scoring_system epss
scoring_elements 0.89641
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5823
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5823
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5823
5
reference_url https://github.com/apache/santuario-java/commit/55a48497dfbf3fe63a81e67c13160b3f41ebb1f3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/santuario-java/commit/55a48497dfbf3fe63a81e67c13160b3f41ebb1f3
6
reference_url https://github.com/apache/santuario-java/commit/cea3c91106fb8be35e2f1bb3f1fe0cfddd0ec710
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/santuario-java/commit/cea3c91106fb8be35e2f1bb3f1fe0cfddd0ec710
7
reference_url https://github.com/apache/santuario-java/commit/f9a61f2df9473237aa71308c28113540b4063d33
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/santuario-java/commit/f9a61f2df9473237aa71308c28113540b4063d33
8
reference_url https://issues.apache.org/jira/browse/SANTUARIO-334
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SANTUARIO-334
9
reference_url https://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
10
reference_url https://marc.info/?l=bugtraq&m=138674031212883&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://marc.info/?l=bugtraq&m=138674031212883&w=2
11
reference_url https://marc.info/?l=bugtraq&m=138674073720143&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://marc.info/?l=bugtraq&m=138674073720143&w=2
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-5823
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-5823
13
reference_url https://security.gentoo.org/glsa/glsa-201406-32.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/glsa-201406-32.xml
14
reference_url http://svn.apache.org/viewvc?view=revision&revision=1367492
reference_id
reference_type
scores
url http://svn.apache.org/viewvc?view=revision&revision=1367492
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1019145
reference_id 1019145
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1019145
16
reference_url https://bugzilla.redhat.com/CVE-2013-5823
reference_id CVE-2013-5823
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-5823
17
reference_url https://github.com/advisories/GHSA-8gwc-x7mg-7p7p
reference_id GHSA-8gwc-x7mg-7p7p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8gwc-x7mg-7p7p
18
reference_url https://security.gentoo.org/glsa/201401-30
reference_id GLSA-201401-30
reference_type
scores
url https://security.gentoo.org/glsa/201401-30
19
reference_url https://security.gentoo.org/glsa/201406-32
reference_id GLSA-201406-32
reference_type
scores
url https://security.gentoo.org/glsa/201406-32
20
reference_url https://access.redhat.com/errata/RHSA-2013:1440
reference_id RHSA-2013:1440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1440
21
reference_url https://access.redhat.com/errata/RHSA-2013:1447
reference_id RHSA-2013:1447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1447
22
reference_url https://access.redhat.com/errata/RHSA-2013:1451
reference_id RHSA-2013:1451
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1451
23
reference_url https://access.redhat.com/errata/RHSA-2013:1505
reference_id RHSA-2013:1505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1505
24
reference_url https://access.redhat.com/errata/RHSA-2013:1507
reference_id RHSA-2013:1507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1507
25
reference_url https://access.redhat.com/errata/RHSA-2013:1508
reference_id RHSA-2013:1508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1508
26
reference_url https://access.redhat.com/errata/RHSA-2013:1793
reference_id RHSA-2013:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1793
27
reference_url https://usn.ubuntu.com/2033-1/
reference_id USN-2033-1
reference_type
scores
url https://usn.ubuntu.com/2033-1/
28
reference_url https://usn.ubuntu.com/2089-1/
reference_id USN-2089-1
reference_type
scores
url https://usn.ubuntu.com/2089-1/
fixed_packages
0
url pkg:maven/org.apache.santuario/xmlsec@1.5.3
purl pkg:maven/org.apache.santuario/xmlsec@1.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46y3-rx34-pyc6
1
vulnerability VCID-64x5-tgkj-9qb9
2
vulnerability VCID-h8wa-77tk-m3av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.5.3
aliases CVE-2013-5823, GHSA-8gwc-x7mg-7p7p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6q4h-4h6p-nufq
3
url VCID-h8wa-77tk-m3av
vulnerability_id VCID-h8wa-77tk-m3av
summary Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
references
0
reference_url http://packetstormsecurity.com/files/124554/Java-XML-Signature-Denial-Of-Service-Attack.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/124554/Java-XML-Signature-Denial-Of-Service-Attack.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0170.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0170.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-0171.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0171.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-0172.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0172.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2014-0195.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0195.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-1725.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1725.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2014-1726.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1726.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-1727.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1727.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1728.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1728.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
11
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
12
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4517.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4517.json
13
reference_url http://santuario.apache.org/secadv.data/cve-2013-4517.txt.asc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://santuario.apache.org/secadv.data/cve-2013-4517.txt.asc
14
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4517
reference_id
reference_type
scores
0
value 0.14926
scoring_system epss
scoring_elements 0.9455
published_at 2026-04-13T12:55:00Z
1
value 0.14926
scoring_system epss
scoring_elements 0.94548
published_at 2026-04-11T12:55:00Z
2
value 0.14926
scoring_system epss
scoring_elements 0.94531
published_at 2026-04-07T12:55:00Z
3
value 0.14926
scoring_system epss
scoring_elements 0.94567
published_at 2026-04-18T12:55:00Z
4
value 0.14926
scoring_system epss
scoring_elements 0.94563
published_at 2026-04-16T12:55:00Z
5
value 0.14926
scoring_system epss
scoring_elements 0.94529
published_at 2026-04-04T12:55:00Z
6
value 0.14926
scoring_system epss
scoring_elements 0.94541
published_at 2026-04-08T12:55:00Z
7
value 0.14926
scoring_system epss
scoring_elements 0.94545
published_at 2026-04-09T12:55:00Z
8
value 0.14926
scoring_system epss
scoring_elements 0.94514
published_at 2026-04-01T12:55:00Z
9
value 0.14926
scoring_system epss
scoring_elements 0.94521
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4517
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4517
16
reference_url http://seclists.org/fulldisclosure/2013/Dec/169
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2013/Dec/169
17
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/89891
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/89891
18
reference_url https://github.com/apache/santuario-java/commit/a09b9042f7759d094f2d49f40fc7bcf145164b25
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/santuario-java/commit/a09b9042f7759d094f2d49f40fc7bcf145164b25
19
reference_url https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3@%3Ccommits.santuario.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3@%3Ccommits.santuario.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd@%3Ccommits.santuario.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd@%3Ccommits.santuario.apache.org%3E
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4517
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4517
22
reference_url https://www.tenable.com/security/tns-2018-15
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2018-15
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1045257
reference_id 1045257
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1045257
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733938
reference_id 733938
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733938
25
reference_url https://bugzilla.redhat.com/CVE-2013-4517
reference_id CVE-2013-4517
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-4517
26
reference_url https://cwiki.apache.org/confluence/download/attachments/27821224/cve-2013-4517.txt.asc
reference_id CVE-2013-4517.TXT.ASC
reference_type
scores
url https://cwiki.apache.org/confluence/download/attachments/27821224/cve-2013-4517.txt.asc
27
reference_url https://github.com/advisories/GHSA-4p4w-6h54-g885
reference_id GHSA-4p4w-6h54-g885
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4p4w-6h54-g885
28
reference_url https://access.redhat.com/errata/RHSA-2014:0170
reference_id RHSA-2014:0170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0170
29
reference_url https://access.redhat.com/errata/RHSA-2014:0171
reference_id RHSA-2014:0171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0171
30
reference_url https://access.redhat.com/errata/RHSA-2014:0172
reference_id RHSA-2014:0172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0172
31
reference_url https://access.redhat.com/errata/RHSA-2014:0195
reference_id RHSA-2014:0195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0195
32
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
33
reference_url https://access.redhat.com/errata/RHSA-2014:0473
reference_id RHSA-2014:0473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0473
34
reference_url https://access.redhat.com/errata/RHSA-2014:0582
reference_id RHSA-2014:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0582
35
reference_url https://access.redhat.com/errata/RHSA-2014:1725
reference_id RHSA-2014:1725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1725
36
reference_url https://access.redhat.com/errata/RHSA-2014:1726
reference_id RHSA-2014:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1726
37
reference_url https://access.redhat.com/errata/RHSA-2014:1727
reference_id RHSA-2014:1727
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1727
38
reference_url https://access.redhat.com/errata/RHSA-2014:1728
reference_id RHSA-2014:1728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1728
39
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
40
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
41
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
fixed_packages
0
url pkg:maven/org.apache.santuario/xmlsec@1.5.6
purl pkg:maven/org.apache.santuario/xmlsec@1.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46y3-rx34-pyc6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.5.6
aliases CVE-2013-4517, GHSA-4p4w-6h54-g885
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8wa-77tk-m3av
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.santuario/xmlsec@1.5.2