2 matches found
oidcc 安全漏洞
oidcc is an open source OpenId Connect client library in Erlang & Elixir by The Erlang Ecosystem Foundation. A security vulnerability exists in oidcc 3.0.0 and later, which stems from the presence of a Denial of Service DoS vulnerability...
CVE-2021-43568
The verify function in the Stark Bank Elixir ECDSA library ecdsa-elixir 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...