6 matches found
CVE-2020-36563
XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...
CVE-2020-36563
creationtimestamp| type| source ---|---|--- 2025-04-11 16:51:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11455...
CVE-2020-36563
XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...
CVE-2020-36563 Weak hash (SHA-1) in github.com/RobotsAndPencils/go-saml
XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...
CVE-2020-36563
The CVE concerns the go-saml library by Robots and Pencils, where XML Digital Signatures are generated/validated using SHA-1. The root cause is the use of SHA-1 in signatures, enabling potential hash collisions when an attacker can influence the input. Reported impact in the CVE notes a partial i...
CVE-2020-36563 Weak hash (SHA-1) in github.com/RobotsAndPencils/go-saml
XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...