Node-SAML SAML Authentication Bypass

Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any...

GHSA-M837-G268-MMV7 Node-SAML SAML Authentication Bypass

Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to Improper Verification of Cryptographic Signature due to xml-crypto ( CVE-2025-29774, CVE-2025-29775 )

Summary Potential vulnerabilities in xml-crypto module CVE-2025-29774, CVE-2025-29775 has been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2025-29774 DESCRIPTION: xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be...

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to bypass signature validation in XML data [CVE-2025-29774] [CVE-2025-29775]

Summary Node.js module xml-crypto is used by IBM App Connect Enterprise Certified Container for handling XML data. IBM App Connect Enterprise Certified Container operands are vulnerable to signature validation bypass. This bulletin provides patch information to address the reported vulnerability ...

Exploit for CVE-2025-29775

SAMLStorm CVE-2025-29775 Lab Environment !Educationalhtt...

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js modules axios and xml-crypto (CVE-2025-27152, CVE-2025-29774, CVE-2025-29775 and CVE-2024-57965)

Summary IBM App Connect Enterprise runtime, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise Connector Discovery and OpenAPI Editor are vulnerable to multiple vulnerabilities due to Node.js modules axios and xml-crypto. Vulnerability Details CVEID:CVE-2025-27152...

The vulnerability of the digital signature and XML encryption library for Node.js’ xml-crypto, related to improper verification of cryptographic signatures, allows attackers to escalate their privileges.

The vulnerability of the digital signature and XML encryption library for Node.js’ xml-crypto is related to improper verification of the cryptographic signature. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

XML Signature Bypass

xml-crypto is vulnerable to an XML Signature Bypass. The vulnerability is due to improper validation of signed XML structures, allowing an attacker to modify a signed XML message while still passing signature verification checks...

XML Signature Manipulation

xml-crypto is vulnerable to an XML signature manipulation. The vulnerability is due to improper validation of signed XML documents, which allows an attacker to modify a signed XML message while still passing signature verification checks...

The vulnerability of the encryption and digital signature verification library in the Node.js software platform xml-crypto is related to deficiencies in the mechanism for verifying cryptographic signatures. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the XML-crypto library and the digital signature verification mechanism in Node.js software platforms is related to deficiencies in the signature verification mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending special...

@13w/soap (=0.26.0), @3wks/gae-node-nestjs (>=0.1.0 <=6.0.0-rc.0) +845 more potentially affected by CVE-2025-29775 via xml-crypto (>=0.0.10 <=2.1.5)

xml-crypto NPM version =0.0.10, =0.1.0, =1.0.4, =0.34.1, =0.34.0, =0.0.1, =0.6.1, =0.1.1, =0.16.9, =0.7.1, =1.0.0, =1.0.0, =0.1.1, =0.1.7 - @amazon-spider-tools/exchange-rate =0.1.0 and more Source cves: CVE-2025-29775 Source advisory: OSV:GHSA-X3M8-899R-F7C3...

@boxyhq/saml-jackson (>=1.3.2 <=1.11.1), @boxyhq/saml20 (>=1.0.11 <=1.2.3) +4 more potentially affected by CVE-2025-29775 via xml-crypto (>=3.0.0 <=3.2.0)

xml-crypto NPM version =3.0.0, =1.3.2, =1.0.11, =1.13.3, =1.13.5, =2.1.0, =1.0.0, =1.0.1 Source cves: CVE-2025-29775 Source advisory: OSV:GHSA-X3M8-899R-F7C3...

@boxyhq/saml-jackson (>=1.11.2 <=1.40.2), @boxyhq/saml20 (>=1.2.4 <=1.8.0) +8 more potentially affected by CVE-2025-29775 via xml-crypto (>=4.1.0 <=6.0.0)

xml-crypto NPM version =4.1.0, =1.11.2, =1.2.4, =1.0.0, =4.0.0, =1.0.0, =0.0.1, =0.0.2 - saml-nofs =3.0.2 - verifactu-utils =1.1.0 Source cves: CVE-2025-29775 Source advisory: OSV:GHSA-X3M8-899R-F7C3...

CVE-2025-29774

xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. Th...

@13w/soap (=0.26.0), @3wks/gae-node-nestjs (>=0.1.0 <=6.0.0-rc.0) +845 more potentially affected by CVE-2025-29774 via xml-crypto (>=0.0.10 <=2.1.5)

xml-crypto NPM version =0.0.10, =0.1.0, =1.0.4, =0.34.1, =0.34.0, =0.0.1, =0.6.1, =0.1.1, =0.16.9, =0.7.1, =1.0.0, =1.0.0, =0.1.1, =0.1.7 - @amazon-spider-tools/exchange-rate =0.1.0 and more Source cves: CVE-2025-29774 Source advisory: OSV:GHSA-9P8X-F768-WP2G...

@boxyhq/saml-jackson (>=1.11.2 <=1.40.2), @boxyhq/saml20 (>=1.2.4 <=1.8.0) +8 more potentially affected by CVE-2025-29774 via xml-crypto (>=4.1.0 <=6.0.0)

xml-crypto NPM version =4.1.0, =1.11.2, =1.2.4, =1.0.0, =4.0.0, =1.0.0, =0.0.1, =0.0.2 - saml-nofs =3.0.2 - verifactu-utils =1.1.0 Source cves: CVE-2025-29774 Source advisory: OSV:GHSA-9P8X-F768-WP2G...

@boxyhq/saml-jackson (>=1.3.2 <=1.11.1), @boxyhq/saml20 (>=1.0.11 <=1.2.3) +4 more potentially affected by CVE-2025-29774 via xml-crypto (>=3.0.0 <=3.2.0)

xml-crypto NPM version =3.0.0, =1.3.2, =1.0.11, =1.13.3, =1.13.5, =2.1.0, =1.0.0, =1.0.1 Source cves: CVE-2025-29774 Source advisory: OSV:GHSA-9P8X-F768-WP2G...

CVE-2025-29775

CVE-2025-29775 : The xml-crypto library for Node.js is vulnerable in versions prior to 6.0.1, 3.2.1, and 2.1.6. An attacker can modify a valid signed XML message in transit such that signature verification still passes, bypassing authentication/authorization checks and enabling privilege escalati...

CVE-2025-29775 xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment

xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. Th...

CVE-2025-29775 xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment

xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. Th...