2 matches found
CVE-2021-25633
LibreOffice improperly validated signatures which by manipulation of signatures xml files allowed for multiple certificate data to be combined and led to the ability to show content as validly signed even if it was not content related to the signature...
Incorrect Signature Validation
jsrsasign uses an incorrect signature validation. It is possible because its RSASSA-PSS RSA-PSS implementation has a flaw which accepts manipulated/modified signatures as valid signatures by prepending '\0' bytes to a signature and also allows an attacker to send multiple valid signatures to...