Lucene search
GoogleOSV:GO-2020-0050HistoryApr 14, 2021 - 8:04 p.m.
XML digital signature validation bypass in github.com/russellhaering/goxmldsig
2021-04-1420:04:52
Google
osv.dev
15
github
russellhaering
goxmldsig
xml
digital signature
validation
bypass
encoding/xml
crafted
document
unsigned
Due to the behavior of encoding/xml, a crafted XML document may cause XML Digital Signature validation to be entirely bypassed, causing an unsigned document to appear signed.
Related
osv
osv
GO-2022-0409
2022-07-01 20:08:30
GO-2021-0056
2021-04-14 20:04:52
cvelist
cvelist
CVE-2020-26290 Critical security issues in XML encoding in Dex
2020-12-28 19:15:17
CVE-2020-27847
2021-05-28 10:20:35
CVE-2020-15216 Signature Validation Bypass in goxmldsig
2020-09-29 16:00:18
nvd
nvd
prion
prion
Design/Logic Flaw
2020-12-28 20:15:00
Design/Logic Flaw
2021-05-28 11:15:00
Design/Logic Flaw
2020-09-29 16:15:00
cve
cve
github
github
Authentication Bypass in dex
2021-12-20 17:52:12
Critical security issues in XML encoding in github.com/dexidp/dex
2021-12-20 17:53:53
redhatcve
redhatcve
ubuntucve
ubuntucve
CVE-2020-15216
2020-09-29 00:00:00
fedora
fedora
debiancve
debiancve
CVE-2020-15216
2020-09-29 16:15:11
nessus
nessus
Fedora 32 : golang-github-russellhaering-goxmldsig (2021-9316ee2948)
2021-01-14 00:00:00
Fedora 33 : golang-github-russellhaering-goxmldsig (2021-a2a7673da2)
2021-01-14 00:00:00
openvas
openvas
veracode
veracode
Signature Validation Bypass
2020-09-30 01:47:02