-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
CVE-2013-2210: Apache Santuario XML Security for C++ contains a heap
overflow during XPointer evaluation
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: Apache Santuario XML Security for C++ library versions
prior to
CVE-2013-2153: Apache Santuario XML Security for C++ contains an
XML Signature Bypass issue
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: Apache Santuario XML Security for C++ library versions
prior to V1.7.1
Description: The implementation of XML digital
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
CVE-2013-2154: Apache Santuario XML Security for C++ contains a stack
overflow during XPointer evaluation
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: Apache Santuario XML Security for C++ library versions
prior to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
CVE-2013-2155: Apache Santuario XML Security for C++ contains denial
of service and hash length bypass issues while processing HMAC signatures
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: Apache Santuario XML
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
CVE-2013-2156: Apache Santuario XML Security for C++ contains heap
overflow while processing InclusiveNamespace PrefixList
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: Apache Santuario XML Security for C++ library
Please be advised that a security issue affecting the Apache XML Security
Library for C++ has been identified and an updated version released to
address the issue. The full text of the advisory is below, and a signed
version can be found at:
http://santuario.apache.org/secadv/CVE-2011-2516.txt