Lucene search
K

4 matches found

OSV
OSV
added 2025/05/30 5:41 p.m.7 views

CLSA-2025-1748626881 golang: Fix of 2 CVEs

CVE-2024-24789: fix zip parsing to reject EOCDR records with truncated comments - CVE-2024-9355: fix HMAC to pass initialized length to EVPDigestSignFinal, ensuring correct output handling...

6.5CVSS6.9AI score0.00446EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2009/12/09 11:14 p.m.4 views

xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

5CVSS7.3AI score0.06348EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/09/08 3:43 p.m.4 views

xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

5CVSS7.3AI score0.06348EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2009/07/14 11:30 p.m.2 views

CVE-2009-0217

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

5CVSS7.5AI score0.06348EPSS
Exploits0References92
Rows per page
Query Builder