Filtered by vendor Moov Subscriptions
Filtered by product Signedxml Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-34205 1 Moov 1 Signedxml 2024-11-21 9.1 Critical
In Moov signedxml through 1.0.0, parsing the raw XML (as received) can result in different output than parsing the canonicalized XML. Thus, signature validation can be bypassed via a Signature Wrapping attack (aka XSW).