10 matches found
Improper Certificate Validation
Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Improper Certificate Validation via packed self-attestation in WebAuthn registration. An attacker can bypass...
EUVD-2022-25021
Malicious code in bioql PyPI...
CISA Requests for Comment on Secure Software Self-Attestation Form
CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management OMB, released proposed guidance on secure software. This guidance seeks to secure software leveraged by the federal government. CISA expects agencies t...
CVE-2022-1740
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
CVE-2022-1740
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
Design/Logic Flaw
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
CVE-2022-1740 2.2.2 MUTABLE ATTESTATION OR MEASUREMENT REPORTING DATA CWE-1283
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
CVE-2022-1740
The CVE-2022-1740 vulnerability in Dominion Voting Systems ImageCast X concerns the on-screen hash display, audit log export, and application export features that rely on self-attestation. The root cause is mutable attestation/measurement data, allowing an attacker with access to disguise malicio...
CVE-2022-1740 2.2.2 MUTABLE ATTESTATION OR MEASUREMENT REPORTING DATA CWE-1283
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
PT-2022-3368
Name of the Vulnerable Software and Affected Versions Dominion Voting Systems ImageCast X affected versions not specified Description The issue concerns the on-screen application hash display feature, audit log export, and application export functionality of Dominion Voting Systems ImageCast X,...