CVE-2019-12400

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://santuario.apache.org/secadv.data/CVE-2019-12400.asc?version=1&modificationDate=1566573083000&api=v2", "name": "http://santuario.apache.org/secadv.data/CVE-2019-12400.asc?version=1&modificationDate=1566573083000&api=v2", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://lists.apache.org/thread.html/8e814b925bf580bc527d96ff51e72ffe5bdeaa4b8bf5b89498cab24c@%3Cdev.santuario.apache.org%3E", "name": "[santuario-dev] 20190905 Re: [CVE-2019-12400] Apache Santuario potentially loads XML parsing code from an untrusted source", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/edaa7edb9c58e5f5bd0c950f2b6232b62b15f5c44ad803e8728308ce@%3Cdev.santuario.apache.org%3E", "name": "[santuario-dev] 20190906 Re: [CVE-2019-12400] Apache Santuario potentially loads XML parsing code from an untrusted source", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://security.netapp.com/advisory/ntap-20190910-0003/", "name": "https://security.netapp.com/advisory/ntap-20190910-0003/", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://access.redhat.com/errata/RHSA-2020:0804", "name": "RHSA-2020:0804", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2020:0805", "name": "RHSA-2020:0805", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2020:0811", "name": "RHSA-2020:0811", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2020:0806", "name": "RHSA-2020:0806", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "https://lists.apache.org/thread.html/rcdc0da94fe21b26493eae47ca987a290bdf90c721a7a42491fdd41d4@%3Ccommits.tomee.apache.org%3E", "name": "[tomee-commits] 20200324 [jira] [Created] (TOMEE-2791) TomEE plus(7.0.7) is affected by CVE-2019-12400 vulnerability", "tags": ["Mailing List", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/rf82be0a7c98cd3545e20817bb96ed05551ea0020acbaf9a469fef402@%3Ccommits.tomee.apache.org%3E", "name": "[tomee-commits] 20200720 [jira] [Created] (TOMEE-2885) Update Apache XML Security for Java to mitigate CVE-2019-12400", "tags": ["Mailing List", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r107bffb06a5e27457fe9af7dfe3a233d0d36c6c2f5122f117eb7f626@%3Ccommits.tomee.apache.org%3E", "name": "[tomee-commits] 20200720 [jira] [Assigned] (TOMEE-2885) Update Apache XML Security for Java to mitigate CVE-2019-12400", "tags": ["Mailing List", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/rf958cea96236de8829940109ae07e870aa3d59235345421e4924ff03@%3Ccommits.tomee.apache.org%3E", "name": "[tomee-commits] 20200720 [jira] [Commented] (TOMEE-2885) Update Apache XML Security for Java to mitigate CVE-2019-12400", "tags": ["Mailing List", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd@%3Ccommits.santuario.apache.org%3E", "name": "[santuario-commits] 20210917 svn commit: r1076843 - in /websites/production/santuario/content: cache/main.pageCache index.html javaindex.html secadv.data/CVE-2021-40690.txt.asc secadv.html", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-12400", "ASSIGNER": "security@apache.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2019-08-23T21:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apache:santuario_xml_security_for_java:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.1.4", "versionStartIncluding": "2.1.0"}, {"cpe23Uri": "cpe:2.3:a:apache:santuario_xml_security_for_java:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.0.10", "versionStartIncluding": "2.0.3"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-04-13T14:49Z"}