module: github.com/russellhaering/goxmldsig | |
versions: | |
- fixed: v1.1.0 | |
description: | | |
An attacker can craft an XML file which will cause signature verification | |
to be entirely bypassed. | |
published: 2021-04-14T12:00:00Z | |
cve: CVE-2020-15216 | |
credit: '@jupenur' | |
symbols: | |
- ValidationContext.findSignature | |
links: | |
commit: https://github.com/russellhaering/goxmldsig/commit/f6188febf0c29d7ffe26a0436212b19cb9615e64 | |
context: | |
- https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-q547-gmf8-8jr7 |