24 matches found
CVE-2025-47222
A class name enumeration was found in Keyfactor SignServer versions prior to 7.3.2. Setting any chosen class name to any of the properties requiring a class path and the provided class is not expected to return different errors if the class exists in deployment or not. This returns information...
CVE-2025-47220
Keyfactor SignServer (versions prior to 7.3.2) contains a local file enumeration vulnerability in the VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH used by PDFSigner and PAdESSigner. An admin user can set this path without restrictions; if the path points to an existing file readable by the application ser...
CVE-2025-47222
A class name enumeration was found in Keyfactor SignServer versions prior to 7.3.2. Setting any chosen class name to any of the properties requiring a class path and the provided class is not expected to return different errors if the class exists in deployment or not. This returns information...
Keyfactor SignServer 安全漏洞
Keyfactor SignServer is a digital signature engine from Keyfactor USA. A security vulnerability exists in Keyfactor SignServer versions prior to 7.3.1 that stems from improper access control...