Lucene search
K

13 matches found

SUSE CVE
SUSE CVE
added 2026/03/04 12:29 a.m.4 views

SUSE CVE-2026-3338

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References3
OSV
OSV
added 2026/03/03 8:25 p.m.3 views

GHSA-HFPC-8R3F-GW53 AWS-LC has PKCS7_verify Signature Validation Bypass

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need...

7.5CVSS6AI score0.00779EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/03 8:25 p.m.13 views

AWS-LC has PKCS7_verify Signature Validation Bypass

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need...

8.7CVSS6AI score0.00779EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/03/02 10:16 p.m.9 views

CVE-2026-3338

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS0.00779EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/02 9:22 p.m.3 views

CVE-2026-3338 PKCS7_verify Signature Validation Bypass in AWS-LC

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS5.9AI score0.00779EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/02 9:22 p.m.19 views

CVE-2026-3338 PKCS7_verify Signature Validation Bypass in AWS-LC

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS0.00779EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/02 9:22 p.m.8 views

CVE-2026-3338

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS5.9AI score0.00779EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/02 9:22 p.m.5 views

EUVD-2026-9266

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS5.9AI score0.00779EPSS
Exploits0References3
OSV
OSV
added 2026/03/02 9:22 p.m.2 views

CVE-2026-3338 PKCS7_verify Signature Validation Bypass in AWS-LC

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS7.3AI score0.00779EPSS
Exploits0References9
CVE
CVE
added 2026/03/02 9:22 p.m.20 views

CVE-2026-3338

The vulnerability CVE-2026-3338 arises from improper signature validation in PKCS7_verify() within the AWS-LC library, allowing an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Affected component: AWS-LC. Root cause: flawed sign...

8.7CVSS5.9AI score0.00779EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2026/03/02 12:0 p.m.4 views

RUSTSEC-2026-0047 PKCS7_verify Signature Validation Bypass in AWS-LC

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. aws-lc-sys contains code from AWS-LC. Applications using...

7.5CVSS5.8AI score0.00779EPSS
Exploits0References4
RustSec
RustSec
added 2026/03/02 12:0 p.m.8 views

PKCS7_verify Signature Validation Bypass in AWS-LC

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. aws-lc-sys contains code from AWS-LC. Applications using...

8.7CVSS7.5AI score0.00779EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.7 views

PT-2026-22704

Name of the Vulnerable Software and Affected Versions AWS-LC versions prior to 1.69.0 Description A flaw exists in the PKCS7 verify function within AWS-LC that permits an unauthenticated user to circumvent signature verification when handling PKCS7 objects containing Authenticated Attributes. Thi...

8.7CVSS5.9AI score0.00779EPSS
Exploits0References20
Rows per page
Query Builder