Improper Verification of Cryptographic Signature
Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper validation of the wcVerifyEccsiHash process. An attacker can bypass signature verification and impersonate any identity by submitting crafted signatures containing invalid...