Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

GoogleOSV:GO-2022-0409

HistoryJul 01, 2022 - 8:08 p.m.

Vulners
/
Osv
/
GO-2022-0409

GO-2022-0409

2022-07-0120:08:30

Google

osv.dev

attacker

signature validation

xml file

altered file

software

EPSS

0.004

Percentile

73.7%

JSON

An attacker can create an XML file which completely bypasses signature validation,
passing off an altered file as a signed one.

References

github.com/advisories/GHSA-rrfw-hg9m-j47h

github.com/russellhaering/goxmldsig/commit/f6188febf0c29d7ffe26a0436212b19cb9615e64

osv 10

cvelist 3

nvd 3

prion 3

cve 3

github 3

redhatcve 5

fedora 2

ubuntucve 1

nessus 2

debiancve 1

openvas 2

veracode 1

osv

CVE-2020-26290

2020-12-28 20:15:12

GO-2021-0056

2021-04-14 20:04:52

github.com/russellhaering/goxmldsig vulnerable to Signature Validation Bypass

2021-05-24 16:57:32

cvelist

CVE-2020-26290 Critical security issues in XML encoding in Dex

2020-12-28 19:15:17

CVE-2020-27847

2021-05-28 10:20:35

CVE-2020-15216 Signature Validation Bypass in goxmldsig

2020-09-29 16:00:18

nvd

CVE-2020-26290

2020-12-28 20:15:12

CVE-2020-27847

2021-05-28 11:15:07

CVE-2020-15216

2020-09-29 16:15:11

prion

Design/Logic Flaw

2020-12-28 20:15:00

Design/Logic Flaw

2021-05-28 11:15:00

Design/Logic Flaw

2020-09-29 16:15:00

cve

CVE-2020-26290

2020-12-28 20:15:12

CVE-2020-27847

2021-05-28 11:15:07

CVE-2020-15216

2020-09-29 16:15:11

github

Authentication Bypass in dex

2021-12-20 17:52:12

Critical security issues in XML encoding in github.com/dexidp/dex

2021-12-20 17:53:53

github.com/russellhaering/goxmldsig vulnerable to Signature Validation Bypass

2021-05-24 16:57:32

redhatcve

CVE-2020-27847

2020-12-15 08:40:08

CVE-2020-15216

2020-10-01 06:05:42

CVE-2020-29511

2020-12-17 02:11:32

fedora

[SECURITY] Fedora 33 Update: golang-github-russellhaering-goxmldsig-1.1.0-1.fc33

2021-01-14 01:40:24

[SECURITY] Fedora 32 Update: golang-github-russellhaering-goxmldsig-1.1.0-1.fc32

2021-01-14 01:44:09

ubuntucve

CVE-2020-15216

2020-09-29 00:00:00

nessus

Fedora 32 : golang-github-russellhaering-goxmldsig (2021-9316ee2948)

2021-01-14 00:00:00

Fedora 33 : golang-github-russellhaering-goxmldsig (2021-a2a7673da2)

2021-01-14 00:00:00

debiancve

CVE-2020-15216

2020-09-29 16:15:11

openvas

Fedora: Security Advisory for golang-github-russellhaering-goxmldsig (FEDORA-2021-9316ee2948)

2021-01-14 00:00:00

Fedora: Security Advisory for golang-github-russellhaering-goxmldsig (FEDORA-2021-a2a7673da2)

2021-01-14 00:00:00

veracode

Signature Validation Bypass

2020-09-30 01:47:02

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.004

Percentile

73.7%

JSON

Related for OSV:GO-2022-0409