2 matches found
CVE-2020-13101
In OASIS Digital Signature Services DSS 1.0, an attacker can control the validation outcome i.e., trigger either a valid or invalid outcome for a valid or invalid signature via a crafted XML signature, when the InlineXML option is used. This defeats the expectation of non-repudiation...
CVE-2020-13101
CVE-2020-13101 affects OASIS Digital Signature Services (DSS) 1.0. The issue allows an attacker to control the validation outcome (valid/invalid) of a signature by crafting an XML signature when the InlineXML option is enabled, defeating non‑repudiation. The connected PT-2020-13334 entry confirms...