Lucene search
K

12 matches found

UbuntuCve
UbuntuCve
added 2026/03/30 9:17 p.m.4 views

CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS5.8AI score0.00154EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/14 1:27 a.m.7 views

CVE-2026-25922

authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...

8.8CVSS5.5AI score0.00166EPSS
Exploits0References1
NVD
NVD
added 2026/02/12 8:16 p.m.12 views

CVE-2026-25922

authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...

8.8CVSS0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/12 7:38 p.m.36 views

CVE-2026-25922 authentik has a Signature Verification Bypass via SAML Assertion Wrapping

authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...

8.8CVSS0.00166EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/06/23 11:20 p.m.5 views

SUSE CVE-2025-52556

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to version 1.0.3, there is a flaw in the timestamp response signature verification logic. In particular, chain verification is performed against the TSR's embedded certificates up to the trust...

9.3CVSS6.9AI score0.00147EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/21 1:33 a.m.5 views

CVE-2025-52556 rfc3161-client has insufficient verification for timestamp response signatures

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to version 1.0.3, there is a flaw in the timestamp response signature verification logic. In particular, chain verification is performed against the TSR's embedded certificates up to the trust...

9.3CVSS6.9AI score0.00147EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.3 views

PT-2025-26485

Name of the Vulnerable Software and Affected Versions: rfc3161-client versions prior to 1.0.3 Description: The issue is related to a flaw in the timestamp response signature verification logic. Specifically, the chain verification is performed against the TSR's embedded certificates up to the...

9.3CVSS5.7AI score0.00147EPSS
Exploits0References19
Vulnrichment
Vulnrichment
added 2025/02/18 6:39 p.m.13 views

CVE-2025-24894 SAML Response Signature Verification Bypass in SPID.AspNetCore.Authentication

SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the Service...

9.1CVSS9.3AI score0.0056EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/09/10 6:50 p.m.21 views

CVE-2024-45409

The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...

10CVSS8AI score0.10684EPSS
Exploits3
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.52 views

Ruby SAML 数据伪造问题漏洞

Ruby SAML is an open source implementation of a SAML authorization client from SAML-Toolkits. A data forgery vulnerability exists in Ruby SAML that stems from Ruby-SAML's inability to properly verify the signature of a SAML response, allowing an attacker to log in to a vulnerable system as an...

10CVSS9.5AI score0.10684EPSS
Exploits3References5
Github Security Blog
Github Security Blog
added 2018/11/09 5:49 p.m.32 views

Header Forgery in http-signature

Affected versions of http-signature contain a vulnerability which can allow an attacker in a privileged network position to modify header names and change the meaning of the request, without requiring an updated signature. This problem occurs because vulnerable versions of http-signature sign the...

7.5CVSS7.1AI score0.00857EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2017/12/23 12:0 a.m.4 views

PT-2017-14626 · Auth0 · Passport-Wsfed-Saml2

Name of the Vulnerable Software and Affected Versions: Auth0 passport-wsfed-saml2 versions prior to 3.0.5 Description: A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library, allowing an attacker to impersonate another user and potentially elevate their privileges if the SA...

9.3CVSS7.9AI score0.01378EPSS
Exploits0References9
Rows per page
Query Builder