Denial of Service Vulnerability in Apache Santuario XML Security for Java
CVE-2013-4517

Currently unrated

Key Information:

Vendor: Apache
Status: Santuario Xml Security For Java
Vendor: CVE Published:; 11 January 2014

What is CVE-2013-4517?

This vulnerability in Apache Santuario XML Security for Java allows remote attackers to trigger excessive memory consumption via crafted Document Type Definitions (DTDs) while applying Transforms, potentially leading to service downtime.

References

http://rhn.redhat.com/errata/RHSA-2014-1728.html

vendor-advisoryx_refsource_REDHAT

http://rhn.redhat.com/errata/RHSA-2014-1726.html

vendor-advisoryx_refsource_REDHAT

http://rhn.redhat.com/errata/RHSA-2014-0170.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

13% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 11, 2014
Vulnerability Reserved
Jun 12, 2013