Search for packages
Package details: pkg:deb/debian/libxml-security-java@1.4.5-1%2Bdeb7u1
purl pkg:deb/debian/libxml-security-java@1.4.5-1%2Bdeb7u1
Next non-vulnerable version 2.1.7-3
Latest non-vulnerable version 2.1.7-3
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-54af-zg2e-aaan
Aliases:
CVE-2013-2172
GHSA-r237-w2w6-jq3p
Cryptographic Issues Attackers could spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak canonicalization algorithm to apply to the `SignedInfo` part of the Signature.
1.5.6-1
Affected by 1 other vulnerability.
VCID-95nw-fscc-aaaa
Aliases:
CVE-2021-40690
GHSA-j8wc-gxx9-82hx
Exposure of Sensitive Information to an Unauthorized Actor in Apache Santuario
2.0.10-2+deb10u1
Affected by 2 other vulnerabilities.
2.0.10-2+deb11u1
Affected by 1 other vulnerability.
VCID-f3nz-xu8d-aaar
Aliases:
CVE-2013-4517
GHSA-4p4w-6h54-g885
Uncontrolled Resource Consumption When applying Transforms, remote attackers could cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
1.5.6-1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-54af-zg2e-aaan Cryptographic Issues Attackers could spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak canonicalization algorithm to apply to the `SignedInfo` part of the Signature. CVE-2013-2172
GHSA-r237-w2w6-jq3p

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T17:47:31.371135+00:00 Debian Oval Importer Affected by VCID-f3nz-xu8d-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:11:40.294147+00:00 Debian Oval Importer Affected by VCID-95nw-fscc-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:31:49.912048+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T09:08:03.689889+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T00:07:02.376843+00:00 Debian Oval Importer Affected by VCID-95nw-fscc-aaaa None 36.1.3
2025-06-20T21:36:36.242160+00:00 Debian Oval Importer Affected by VCID-f3nz-xu8d-aaar None 36.1.3
2025-06-20T19:46:25.735146+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan None 36.1.3
2025-06-20T19:27:01.280459+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan None 36.1.3
2025-06-08T10:20:31.608055+00:00 Debian Oval Importer Affected by VCID-f3nz-xu8d-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:05:00.789777+00:00 Debian Oval Importer Affected by VCID-95nw-fscc-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:25:53.303354+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T02:55:17.806634+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-07T17:29:49.512924+00:00 Debian Oval Importer Affected by VCID-95nw-fscc-aaaa None 36.1.0
2025-06-07T14:59:14.083414+00:00 Debian Oval Importer Affected by VCID-f3nz-xu8d-aaar None 36.1.0
2025-06-07T13:38:32.292646+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan None 36.1.0
2025-06-07T13:24:50.751134+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan None 36.1.0
2025-06-03T13:24:07.937415+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan None 36.1.2
2025-04-12T21:52:49.436380+00:00 Debian Oval Importer Affected by VCID-95nw-fscc-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:57:27.212941+00:00 Debian Oval Importer Affected by VCID-f3nz-xu8d-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:53:41.892420+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:01:31.084106+00:00 Debian Oval Importer Affected by VCID-f3nz-xu8d-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:37:40.527014+00:00 Debian Oval Importer Affected by VCID-95nw-fscc-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:58:10.758624+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T01:22:30.818352+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T16:04:20.046132+00:00 Debian Oval Importer Affected by VCID-95nw-fscc-aaaa None 36.0.0
2025-04-07T13:31:06.956772+00:00 Debian Oval Importer Affected by VCID-f3nz-xu8d-aaar None 36.0.0
2025-04-07T12:13:55.584253+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan None 36.0.0
2025-04-07T12:00:21.354509+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan None 36.0.0
2024-12-31T11:36:14.109341+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-12-31T11:36:13.386655+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-10-15T07:45:27.183741+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-15T07:45:26.493306+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-10-05T05:36:35.680979+00:00 Debian Oval Importer Affected by VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-10-05T05:36:34.991938+00:00 Debian Oval Importer Fixing VCID-54af-zg2e-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1