2 matches found
Missing Cryptographic Step
Overview Affected versions of this package are vulnerable to Missing Cryptographic Step in the mbedtlslmsverify process when internal errors from the createmerkleleafvalue and createmerkleinternalvalue functions are not checked. An attacker can cause the acceptance of invalid signatures by induci...
PT-2024-12510 · Unknown · Survey Maker
Name of the Vulnerable Software and Affected Versions: Survey Maker versions prior to 3.6.4 Description: The issue is related to insufficient verification of data authenticity, allowing a remote unauthenticated attacker to spoof an IP address when posting. Recommendations: For versions prior to...