Filtered by vendor Moov
Subscriptions
Filtered by product Signedxml
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-34205 | 1 Moov | 1 Signedxml | 2024-11-21 | 9.1 Critical |
In Moov signedxml through 1.0.0, parsing the raw XML (as received) can result in different output than parsing the canonicalized XML. Thus, signature validation can be bypassed via a Signature Wrapping attack (aka XSW). |
Page 1 of 1.