| module = "github.com/russellhaering/goxmldsig" |
| |
| description = """ |
| An attacker can craft an XML file which will cause signature verification |
| to be entirely bypassed. |
| """ |
| |
| cve = "CVE-2020-15216" |
| |
| credit = "@jupenur" |
| |
| symbols = ["ValidationContext.findSignature"] |
| |
| published = "2021-04-14T12:00:00Z" |
| |
| [[versions]] |
| fixed = "v1.1.0" |
| |
| [links] |
| commit = "https://github.com/russellhaering/goxmldsig/commit/f6188febf0c29d7ffe26a0436212b19cb9615e64" |
| context = ["https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-q547-gmf8-8jr7"] |
