Vulnerabilities (CVE)

Filtered by CWE-347
Total 251 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-24884 3 Debian, Ecdsautils Project, Fedoraproject 3 Debian Linux, Ecdsautils, Fedora 2022-05-16 5.0 MEDIUM 7.5 HIGH
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable.
CVE-2021-44878 1 Pac4j 1 Pac4j 2022-05-13 5.0 MEDIUM 7.5 HIGH
If an OpenID Connect provider supports the "none" algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the "idtoken" response type which is not secure and violates the OpenID Core Specification. The "none" algorithm does not require any signature verification when validating the ID tokens, which allows the attacker to bypass the token validation by injecting a malformed ID token using "none" as the value of "alg" key in the header with an empty signature value.
CVE-2021-39909 1 Gitlab 1 Gitlab 2022-05-13 3.5 LOW 5.3 MEDIUM
Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE starting from 11.3 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker to bypass CODEOWNERS Merge Request approval requirement under rare circumstances
CVE-2021-22573 1 Google 1 Oauth Client Library For Java 2022-05-10 3.5 LOW 7.3 HIGH
The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token will pass the validation on the client side. We recommend upgrading to version 1.33.3 or above
CVE-2019-11841 2 Debian, Golang 2 Debian Linux, Crypto 2022-05-03 4.3 MEDIUM 5.9 MEDIUM
A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The "Hash" Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker can lead a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, since the library skips Armor Header parsing in general, an attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures.
CVE-2019-17561 2 Apache, Oracle 2 Netbeans, Graalvm 2022-04-27 5.0 MEDIUM 7.5 HIGH
The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.
CVE-2020-12692 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2022-04-27 5.5 MEDIUM 5.4 MEDIUM
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
CVE-2020-12244 4 Debian, Fedoraproject, Opensuse and 1 more 5 Debian Linux, Fedora, Backports Sle and 2 more 2022-04-26 5.0 MEDIUM 7.5 HIGH
An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.
CVE-2020-25166 1 Bbraun 2 Datamodule Compactplus, Spacecom 2022-04-21 7.5 HIGH 7.1 HIGH
An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper with devices.
CVE-2018-3968 1 Denx 1 U-boot 2022-04-19 4.4 MEDIUM 7.0 HIGH
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy image format. To trigger this vulnerability, a local attacker needs to be able to supply the image to boot.
CVE-2018-10470 2 Apple, Objective Development 2 Macos, Little Snitch 2022-04-18 5.0 MEDIUM 5.3 MEDIUM
Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function without the kSecCSCheckAllArchitectures flag and therefore do not validate all architectures stored in a fat binary. An attacker can maliciously craft a fat binary containing multiple architectures that may cause a situation where Little Snitch treats the running process as having no code signature at all while erroneously indicating that the binary on disk does have a valid code signature. This could lead to users being confused about whether or not the code signature is valid.
CVE-2019-9149 1 Mailvelope 1 Mailvelope 2022-04-18 6.4 MEDIUM 6.5 MEDIUM
Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign (and encrypt) arbitrary messages with Mailvelope, assuming the private key password is cached. A second vulnerability allows an attacker to decrypt an arbitrary message when the GnuPG backend is used in Mailvelope.
CVE-2020-15705 7 Canonical, Debian, Gnu and 4 more 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more 2022-04-18 4.4 MEDIUM 6.4 MEDIUM
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
CVE-2021-32977 1 Aveva 1 System Platform 2022-04-13 6.5 MEDIUM 7.2 HIGH
AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data.
CVE-2021-30066 2 Belden, Schneider-electric 26 Eagle 20 Tofino 943 987-501-tx\/tx, Eagle 20 Tofino 943 987-501-tx\/tx Firmware, Eagle 20 Tofino 943 987-502 -tx\/mm and 23 more 2022-04-09 7.2 HIGH 6.8 MEDIUM
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed. NOTE: this issue exists because of an incomplete fix of CVE-2017-11400.
CVE-2015-3298 1 Yubico 1 Ykneo-openpgp 2022-04-08 5.8 MEDIUM 8.8 HIGH
Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated.
CVE-2017-5066 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2022-04-08 4.3 MEDIUM 6.5 MEDIUM
Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page.
CVE-2022-22934 1 Saltstack 1 Salt 2022-04-06 5.8 MEDIUM 8.8 HIGH
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.
CVE-2020-14365 2 Debian, Redhat 5 Debian Linux, Ansible Engine, Ansible Tower and 2 more 2022-04-05 6.6 MEDIUM 7.1 HIGH
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.
CVE-2020-16156 2 Fedoraproject, Perl 2 Fedora, Comprehensive Perl Archive Network 2022-04-01 6.8 MEDIUM 7.8 HIGH
CPAN 2.28 allows Signature Verification Bypass.