3 matches found
CVE-2020-36843
A flaw was found in EdDSA-Java ed25519-java. This vulnerability allows attackers to create new valid signatures different from previous signatures for a known message via signature malleability, violating the Strong Existential Unforgeability under Chosen Message Attacks SUF-CMA property...
CVE-2020-36843
The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...
Java: Java XML Signature DoS Attack
It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions DTDs to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial ...