Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:39 p.m.6 views

CVE-2020-36563

XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...

5.3CVSS6.8AI score0.00296EPSS
Exploits0
NVD
NVD
added 2022/12/28 3:15 a.m.16 views

CVE-2020-36563

XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...

5.3CVSS0.00296EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/27 9:13 p.m.5 views

CVE-2020-36563 Weak hash (SHA-1) in github.com/RobotsAndPencils/go-saml

XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...

5.3AI score0.00296EPSS
Exploits0References2
CVE
CVE
added 2022/12/27 9:13 p.m.61 views

CVE-2020-36563

The CVE concerns the go-saml library by Robots and Pencils, where XML Digital Signatures are generated/validated using SHA-1. The root cause is the use of SHA-1 in signatures, enabling potential hash collisions when an attacker can influence the input. Reported impact in the CVE notes a partial i...

5.3CVSS5.2AI score0.00296EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/12/27 9:13 p.m.26 views

CVE-2020-36563 Weak hash (SHA-1) in github.com/RobotsAndPencils/go-saml

XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...

5.2AI score0.00296EPSS
Exploits0References2
Rows per page
Query Builder