5 matches found
CVE-2024-34580
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...
CVE-2024-34580
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...
Microsoft XML Signature HMAC Truncation Bypass (MS10-041) - Ver2 (CVE-2009-0217)
The Microsoft .NET Framework is a component of the Microsoft Windows operating system that enables building and running software applications and Web services. A tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without...
Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343)
This host is missing a critical security update according to Microsoft Bulletin MS10-041. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
XML signature HMAC truncation authentication bypass
Overview The XML Signature specification allows for HMAC truncation, which may allow a remote attacker to bypass authentication. Description XML Signature Syntax and Processing XMLDsig is a W3C recommendation for providing integrity, message authentication, and/or signer authentication services f...