CVE-2021-40690: All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not…

high7.5CVSS 3.1

AVNACLPRNUINSUCHINAN

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.

Affected

37 ranges· showing 25

Vendor	Product	Version range	Fixed in
apache	cxf	—	—
apache	santuario_xml_security_for_java	< 2.1.7	2.1.7
apache	santuario_xml_security_for_java	>= 2.2.0 < 2.2.3	2.2.3
apache	tomee	< 8.0.8	8.0.8
apache_software_foundation	apache_santuario	>= XML Security for Java < 2.2.3,2.1.7	2.2.3,2.1.7
atlassian	crowd	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	libxml-security-java	< libxml-security-java 2.1.7-1 (bookworm)	libxml-security-java 2.1.7-1 (bookworm)
oracle	agile_plm	—	—
oracle	commerce_guided_search	—	—
oracle	commerce_platform	—	—
oracle	communications_diameter_intelligence_hub	8.0.0 – 8.1.0	—
oracle	communications_diameter_intelligence_hub	8.2.0 – 8.2.3	—
oracle	communications_messaging_server	—	—
oracle	flexcube_private_banking	—	—
oracle	outside_in_technology	—	—
oracle	peoplesoft_enterprise_peopletools	—	—
oracle	peoplesoft_enterprise_peopletools	—	—
oracle	retail_bulk_data_integration	—	—
oracle	retail_financial_integration	—	—
oracle	retail_financial_integration	—	—
oracle	retail_financial_integration	—	—
oracle	retail_financial_integration	—	—

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

osv7.5HIGH