Skip to main content

Oasis Digital Signature Services

1 CVEs product

Monthly

CVE-2020-13101 HIGH This Week

In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i.e., trigger either a valid or invalid outcome for a valid or invalid signature) via a crafted XML. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Oasis Digital Signature Services
NVD
CVSS 3.1
7.5
EPSS
0.7%
EPSS 1% CVSS 7.5
HIGH This Week

In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i.e., trigger either a valid or invalid outcome for a valid or invalid signature) via a crafted XML. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Oasis Digital Signature Services
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy