CVSSv3: 7.5

CVE-2021-40690

Published: 19/09/2021 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 446
CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 (2.2.x line) and 2.1.7 (2.1.x line) are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows a malicious user to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. In other words, the KeyInfo that a signature reaches indirectly through a KeyInfoReference is resolved without the secureValidation restrictions that apply to the signature's own KeyInfo, so a RetrievalMethod inside it can carry transforms (an XPath transform in particular) that secure validation would otherwise reject. The fixed releases are 2.2.3 and 2.1.7.
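A triage check for the construct this advisory describes, added here as an example (it is not code from Apache Santuario and does not reproduce the bug): it walks an XML document for ds:RetrievalMethod elements whose Transforms include an XPath transform, and lists any dsig11:KeyInfoReference indirections. The sample documents, the "non-fragment URI" heuristic and the defusedxml recommendation are this example's own assumptions, not statements from the advisory.

```python
"""Flag XML Signature key lookups of the shape CVE-2021-40690 abuses:
a ds:RetrievalMethod whose Transforms contain an XPath transform, possibly
reached through a dsig11:KeyInfoReference. Added example, not code from
Apache Santuario; the XML documents below are constructed for illustration."""
import xml.etree.ElementTree as ET
from typing import List, Tuple

DS = "http://www.w3.org/2000/09/xmldsig#"
DSIG11 = "http://www.w3.org/2009/xmldsig11#"
XPATH_TRANSFORM = "http://www.w3.org/TR/1999/REC-xpath-19991116"


def find_risky_retrieval_methods(xml_bytes: bytes) -> List[Tuple[str, str]]:
    """Return (URI, reason) for every RetrievalMethod worth rejecting.

    The whole document is walked, not only the Signature's own KeyInfo,
    because the RetrievalMethod in question can live in a separate KeyInfo
    that the signature reaches only via KeyInfoReference. For untrusted
    input use defusedxml rather than the stdlib parser (assumption of this
    example: the caller has already bounded the document size).
    """
    root = ET.fromstring(xml_bytes)
    findings = []
    for rm in root.iter("{%s}RetrievalMethod" % DS):
        uri = rm.get("URI", "")
        algorithms = {t.get("Algorithm", "") for t in rm.iter("{%s}Transform" % DS)}
        if XPATH_TRANSFORM in algorithms:
            findings.append((uri, "xpath-transform"))
        elif uri and not uri.startswith("#"):
            # Heuristic added by this example: a key lookup that leaves the
            # document is rarely legitimate in a SAML or WS-Security flow.
            findings.append((uri, "non-fragment-uri"))
    return findings


def key_info_references(xml_bytes: bytes) -> List[str]:
    """URIs of dsig11:KeyInfoReference elements, the indirection in the CVE."""
    root = ET.fromstring(xml_bytes)
    return [e.get("URI", "") for e in root.iter("{%s}KeyInfoReference" % DSIG11)]


# Constructed: the Signature's KeyInfo only holds a KeyInfoReference; the
# RetrievalMethod with the XPath transform sits in the referenced KeyInfo.
SUSPECT_DOC = b"""<Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
          xmlns:dsig11="http://www.w3.org/2009/xmldsig11#">
  <ds:Signature>
    <ds:SignedInfo/>
    <ds:SignatureValue>AAAA</ds:SignatureValue>
    <ds:KeyInfo>
      <dsig11:KeyInfoReference URI="#ki-2"/>
    </ds:KeyInfo>
  </ds:Signature>
  <ds:KeyInfo Id="ki-2">
    <ds:RetrievalMethod URI="file:///tmp/local-secret.xml"
                        Type="http://www.w3.org/2000/09/xmldsig#X509Data">
      <ds:Transforms>
        <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
          <ds:XPath>/*</ds:XPath>
        </ds:Transform>
      </ds:Transforms>
    </ds:RetrievalMethod>
  </ds:KeyInfo>
</Response>"""

# Constructed: an ordinary same-document certificate lookup, no transforms.
BENIGN_DOC = b"""<Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:Signature>
    <ds:SignedInfo/>
    <ds:SignatureValue>AAAA</ds:SignatureValue>
    <ds:KeyInfo>
      <ds:RetrievalMethod URI="#cert-1"
                          Type="http://www.w3.org/2000/09/xmldsig#X509Data"/>
    </ds:KeyInfo>
  </ds:Signature>
  <ds:X509Data Id="cert-1"><ds:X509Certificate>MIIB...</ds:X509Certificate></ds:X509Data>
</Response>"""


if __name__ == "__main__":
    for name, doc in (("suspect", SUSPECT_DOC), ("benign", BENIGN_DOC)):
        print(name, key_info_references(doc), find_risky_retrieval_methods(doc))
```

Run as a script it prints the KeyInfoReference URIs and the flagged RetrievalMethods for both documents; in a pipeline the two functions are the useful part, applied to SAML responses or WS-Security headers before they reach the signature library, and a non-empty result is grounds to reject the message regardless of which xmlsec version is on the classpath.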

Vulnerable Products

apache santuario xml security for java

apache tomee

apache cxf 3.4.4

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

oracle flexcube private banking 12.1.0

oracle agile plm 9.3.6

oracle weblogic server 12.2.1.4.0

oracle peoplesoft enterprise peopletools 8.58

oracle outside in technology 8.5.5

oracle weblogic server 14.1.1.0.0

oracle retail merchandising system 16.0.3

oracle retail service backbone 16.0.3

oracle retail financial integration 16.0.3

oracle retail integration bus 16.0.3

oracle commerce guided search 11.3.2

oracle peoplesoft enterprise peopletools 8.59

oracle retail service backbone 15.0.3.1

oracle retail service backbone 14.1.3.2

oracle communications messaging server 8.1

oracle retail merchandising system 19.0.1

oracle retail integration bus 14.1.3.2

oracle retail financial integration 14.1.3.2

oracle retail integration bus 15.0.3.1

oracle retail financial integration 15.0.3.1

oracle commerce platform 11.3.2

oracle retail service backbone 19.0.1

oracle retail integration bus 19.0.1

oracle retail financial integration 19.0.1

oracle communications diameter intelligence hub

oracle retail bulk data integration 16.0.3

Vendor Advisories

Debian Bug report logs - #994569 libxml-security-java: CVE-2021-40690. Package: src:libxml-security-java; Maintainer for src:libxml-security-java is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Fri, 17 Sep 2021 19:54:01 UTC; Severity ...
Apache Santuario - XML Security for Java is vulnerable to an issue where the secureValidation property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. For the oldstable distribution (buster), this proble ...
Synopsis: Moderate: Red Hat Integration - Service Registry release and security update [2.0.3.GA]. Type/Severity: Security Advisory: Moderate. Topic: An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues f ...
Synopsis: Moderate: Red Hat Integration Camel-K 1.8 security update. Type/Severity: Security Advisory: Moderate. Topic: A minor version update is now available for Red Hat Integration Camel K. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as havi ...
Synopsis: Moderate: Red Hat Integration Camel Extensions for Quarkus 2.2.1 security update. Type/Severity: Security Advisory: Moderate. Topic: A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has ...
Synopsis: Important: Red Hat Fuse 7.11.0 release and security update. Type/Severity: Security Advisory: Important. Topic: A minor version update (from 7.10 to 7.11) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update ...
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element ...
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services: CVE-2019-10172, CVE-2020-27218, CVE-2021-4133, CVE-2021-22060, CVE-2021-22096, CVE-2021-30468, CVE-2021-37136, CVE-2021-37137, CVE-2021-37714, CVE-2021-40690, CVE-2021-42575, CVE-2022-22968. Affected products and versions are listed below. Please upgrade your version ...

Mailing Lists

oss-sec mailing list archives: CVE-2021-40690: Apache Santuario: Bypass of the secureValidation property ...

Github Repositories

Java SAML toolkit (onelogin/java-saml)

SAML Java Toolkit. Add SAML support to your Java applications using this library. 2.8.0 uses xmlsec 2.2.3, which fixes CVE-2021-40690. Version >= 2.5.0 is compatible with java8 / java9, not compatible with java7. 2.5.0 sets the 'strict' setting parameter to true. 2.5.0 uses xmlsec 2.1.4, which fixes CVE-2019-12400. Versions 2.0.0 - 2.4.0 are compatible with java7 / java8.
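The README note above turns on which xmlsec build a downstream library pulls in, so the practical question is the transitive version on the classpath. The following helper, added here as an example (not part of java-saml or Apache Santuario), applies the fixed-version boundaries from this advisory (2.2.3 for the 2.2 line, 2.1.7 for the 2.1 line) and extracts xmlsec coordinates from `mvn dependency:tree` output. The dependency tree below is constructed; the artifact names in it are placeholders, and the treatment of qualifiers such as "-SNAPSHOT" is this example's own simplification.

```python
"""Triage helper for CVE-2021-40690: classify an org.apache.santuario:xmlsec
version as fixed or affected, and pull xmlsec entries out of Maven
dependency:tree output. Added example, not code from java-saml or Santuario."""
import re
from typing import List, Tuple

# Fixed releases named in the advisory, keyed by release line.
FIXED = {(2, 2): (2, 2, 3), (2, 1): (2, 1, 7)}

# Standard dependency:tree line shape: groupId:artifactId:type:version:scope
XMLSEC_RE = re.compile(r"org\.apache\.santuario:xmlsec:(?:jar|bundle):([^:\s]+):(\w+)")


def parse_version(version: str) -> Tuple[int, int, int]:
    """'2.2.3' -> (2, 2, 3). Qualifiers such as '-SNAPSHOT' are ignored
    (assumption of this example; a pre-release of a fixed version is treated
    as fixed, which is optimistic)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError("unrecognised version: %r" % version)
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def is_fixed(version: str) -> bool:
    """True if this xmlsec version contains the CVE-2021-40690 fix."""
    v = parse_version(version)
    line = v[:2]
    if line in FIXED:
        return v >= FIXED[line]
    # Lines newer than 2.2 were cut after the fix landed; older lines
    # (2.0.x, 1.5.x) never received it and need an upgrade.
    return line > (2, 2)


def scan_dependency_tree(text: str) -> List[Tuple[str, str, bool]]:
    """(version, scope, fixed?) for every xmlsec artifact in the tree."""
    return [(ver, scope, is_fixed(ver)) for ver, scope in XMLSEC_RE.findall(text)]


# Constructed sample of `mvn dependency:tree` output; artifact names are
# placeholders, not real coordinates of any project.
SAMPLE_TREE = r"""[INFO] com.example:saml-sp:jar:1.0.0
[INFO] +- com.example:saml-lib:jar:1.2.0:compile
[INFO] |  \- org.apache.santuario:xmlsec:jar:2.2.1:compile
[INFO] \- com.example:ws-security-lib:jar:4.0.0:compile
[INFO]    \- org.apache.santuario:xmlsec:jar:2.2.3:compile
"""


if __name__ == "__main__":
    for version, scope, fixed in scan_dependency_tree(SAMPLE_TREE):
        print("xmlsec %s (%s): %s" % (version, scope, "fixed" if fixed else "AFFECTED"))
```

Note that Maven resolves only one of the two versions in a tree like this (nearest wins), so a flagged entry still has to be checked against the resolved classpath, for example with `mvn dependency:list`; an affected entry that is shadowed by a fixed one is still worth pinning explicitly so a later change in the tree does not reintroduce it.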

References

CWE-200
https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00015.html
https://www.debian.org/security/2021/dsa-5010
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://security.netapp.com/advisory/ntap-20230818-0002/
https://lists.apache.org/thread.html/rbdac116aef912b563da54f4c152222c0754e32fb2f785519ac5e059f%40%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/re294cfc61f509512874ea514d8d64fd276253d54ac378ffa7a4880c8%40%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r8a5c0ce9014bd07303aec1e5eed55951704878016465d3dae00e0c28%40%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r9c100d53c84d54cf71975e3f0cfcc2856a8846554a04c99390156ce4%40%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa%40%3Ccommits.tomee.apache.org%3E
https://lists.apache.org/thread.html/raf352f95c19c0c4051af3180752cb69acbea88d0d066ab176c6170e8%40%3Cuser.poi.apache.org%3E
https://lists.apache.org/thread.html/r401ecb7274794f040cd757b259ebe3e8c463ae74f7961209ccad3c59%40%3Cissues.cxf.apache.org%3E
https://lists.apache.org/thread.html/rbbbac0759b12472abd0c278d32b5e0867bb21934df8e14e5e641597c%40%3Ccommits.tomee.apache.org%3E
https://nvd.nist.gov
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994569
https://github.com/onelogin/java-saml