Explore top 10 tips to secure your open-source projects now. Read More
×
Apache XML Security for Java could be made to expose sensitive information.
Software Description:
- libxml-security-java: Apache XML Security for Java
Details:
It was discovered that Apache XML Security for Java incorrectly passed a
configuration property when creating specific key elements. This allows an
attacker to abuse an XPath Transform to extract sensitive information.
The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: libxml-security-java 2.0.10-2+deb11u1build0.20.04.1 Ubuntu 18.04 LTS: libxml-security-java 2.0.10-2~18.04.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-5525-1
CVE-2021-40690
Get the latest Linux and open source security news straight to your inbox.