The Apache Santuarioâ„¢ project is aimed at providing implementation of
the primary security standards for XML:
- XML-Signature Syntax and Processing
- XML Encryption Syntax and Processing.
A new CVE is released for Apache Santuario - XML Security for Java,
which is fixed in the latest 2.2.3 and 2.1.7 releases:
CVE-2021-40690 - Bypass of the secureValidation property
(https://santuario.apache.org/secadv.data/CVE-2021-40690.txt.asc)
Please see the main site for more information: https://santuario.apache.org/
Colm.
