CVE-2021-40690

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-40690
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-40690.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-40690
Aliases
Related
Published
2021-09-19T18:15:07Z
Modified
2024-10-12T08:27:12.806610Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.

References

Affected packages

Debian:11 / libxml-security-java

Package

Name
libxml-security-java
Purl
pkg:deb/debian/libxml-security-java?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.10-2+deb11u1

Affected versions

2.*

2.0.10-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libxml-security-java

Package

Name
libxml-security-java
Purl
pkg:deb/debian/libxml-security-java?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libxml-security-java

Package

Name
libxml-security-java
Purl
pkg:deb/debian/libxml-security-java?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/apache/cxf

Affected ranges

Type
GIT
Repo
https://github.com/apache/cxf
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/apache/santuario-xml-security-java
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/apache/tomee
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

8.*

8.0.0-TT.1

tomee-7.*

tomee-7.0.5

tomee-8.*

tomee-8.0.0
tomee-8.0.0-M3
tomee-8.0.1
tomee-8.0.2
tomee-8.0.5
tomee-8.0.6

tomee-project-8.*

tomee-project-8.0.3
tomee-project-8.0.4
tomee-project-8.0.7

xmlsec-2.*

xmlsec-2.1.6