Update Apache Santuario - XML Security for Java (MINDBREEZE29381)

ID: MINDBREEZE29381 
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS 
Severity: 6.5 Medium 
Status: Final 
First published: March 18, 2024 
CVEs: CVE-2023-44483 

Summary

• CVE-2023-44483 Private keys may be exposed in debug-level log files during XML Signature generation

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 24.1 Release 
• Mindbreeze InSpire SaaS 24.1 Release