Apache Santuario Xml Security For Java vulnerabilities

1 known vulnerability affecting apache/apache_santuario_xml_security_for_java.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2019-12400MEDIUMCVSS 5.5vAll 2.0.x releases from 2.0.3vall 2.1.x releases before 2.1.4.2019-08-23
CVE-2019-12400 [MEDIUM] CWE-20 CVE-2019-12400: In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache S
cvelistv5nvd