CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-44483

All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.6%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-44483

Apache » Santuario Xml Security For Java » Version: 1.1

cpe:2.3:a:apache:santuario_xml_security_for_java:1.1
Apache » Santuario Xml Security For Java » Version: 1.2.0

cpe:2.3:a:apache:santuario_xml_security_for_java:1.2.0
Apache » Santuario Xml Security For Java » Version: 1.2.1

cpe:2.3:a:apache:santuario_xml_security_for_java:1.2.1
Apache » Santuario Xml Security For Java » Version: 1.3.0

cpe:2.3:a:apache:santuario_xml_security_for_java:1.3.0
Apache » Santuario Xml Security For Java » Version: 1.4.0

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.0
Apache » Santuario Xml Security For Java » Version: 1.4.1

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.1
Apache » Santuario Xml Security For Java » Version: 1.4.2

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.2
Apache » Santuario Xml Security For Java » Version: 1.4.3

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.3
Apache » Santuario Xml Security For Java » Version: 1.4.4

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.4
Apache » Santuario Xml Security For Java » Version: 1.4.5

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.5
Apache » Santuario Xml Security For Java » Version: 1.4.6

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.6
Apache » Santuario Xml Security For Java » Version: 1.4.7

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.7
Apache » Santuario Xml Security For Java » Version: 1.4.8

cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.8
Apache » Santuario Xml Security For Java » Version: 1.5.0

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.0
Apache » Santuario Xml Security For Java » Version: 1.5.1

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.1
Apache » Santuario Xml Security For Java » Version: 1.5.2

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.2
Apache » Santuario Xml Security For Java » Version: 1.5.3

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.3
Apache » Santuario Xml Security For Java » Version: 1.5.4

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.4
Apache » Santuario Xml Security For Java » Version: 1.5.5

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.5
Apache » Santuario Xml Security For Java » Version: 1.5.6

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.6
Apache » Santuario Xml Security For Java » Version: 1.5.7

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.7
Apache » Santuario Xml Security For Java » Version: 1.5.8

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.8
Apache » Santuario Xml Security For Java » Version: 2.0.0

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.0
Apache » Santuario Xml Security For Java » Version: 2.0.1

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.1
Apache » Santuario Xml Security For Java » Version: 2.0.10

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.10
Apache » Santuario Xml Security For Java » Version: 2.0.11

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.11
Apache » Santuario Xml Security For Java » Version: 2.0.2

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.2
Apache » Santuario Xml Security For Java » Version: 2.0.3

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.3
Apache » Santuario Xml Security For Java » Version: 2.0.4

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.4
Apache » Santuario Xml Security For Java » Version: 2.0.5

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.5
Apache » Santuario Xml Security For Java » Version: 2.0.9

cpe:2.3:a:apache:santuario_xml_security_for_java:2.0.9
Apache » Santuario Xml Security For Java » Version: 2.1.0

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.0
Apache » Santuario Xml Security For Java » Version: 2.1.1

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.1
Apache » Santuario Xml Security For Java » Version: 2.1.2

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.2
Apache » Santuario Xml Security For Java » Version: 2.1.3

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.3
Apache » Santuario Xml Security For Java » Version: 2.1.4

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.4
Apache » Santuario Xml Security For Java » Version: 2.1.5

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.5
Apache » Santuario Xml Security For Java » Version: 2.1.6

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.6
Apache » Santuario Xml Security For Java » Version: 2.1.7

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.7
Apache » Santuario Xml Security For Java » Version: 2.1.8

cpe:2.3:a:apache:santuario_xml_security_for_java:2.1.8
Apache » Santuario Xml Security For Java » Version: 2.2.0

cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.0
Apache » Santuario Xml Security For Java » Version: 2.2.1

cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.1
Apache » Santuario Xml Security For Java » Version: 2.2.2

cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.2
Apache » Santuario Xml Security For Java » Version: 2.2.3

cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.3
Apache » Santuario Xml Security For Java » Version: 2.2.4

cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.4
Apache » Santuario Xml Security For Java » Version: 2.2.5

cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.5
Apache » Santuario Xml Security For Java » Version: 2.3.0

cpe:2.3:a:apache:santuario_xml_security_for_java:2.3.0
Apache » Santuario Xml Security For Java » Version: 2.3.1

cpe:2.3:a:apache:santuario_xml_security_for_java:2.3.1
Apache » Santuario Xml Security For Java » Version: 2.3.2

cpe:2.3:a:apache:santuario_xml_security_for_java:2.3.2
Apache » Santuario Xml Security For Java » Version: 2.3.3

cpe:2.3:a:apache:santuario_xml_security_for_java:2.3.3
Apache » Santuario Xml Security For Java » Version: 3.0.0

cpe:2.3:a:apache:santuario_xml_security_for_java:3.0.0
Apache » Santuario Xml Security For Java » Version: 3.0.1

cpe:2.3:a:apache:santuario_xml_security_for_java:3.0.1
Apache » Santuario Xml Security For Java » Version: 3.0.2

cpe:2.3:a:apache:santuario_xml_security_for_java:3.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-44483

Products

Pricing

Contact Us