Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

xml-crypto

npm

Xml digital signature and encryption library for Node.js

View on github.com · View on npmjs.org

Security Advisories for xml-crypto in npm

Critical
7 months ago

xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment GSA_kwCzR0hTQS14M204LTg5OXItZjdjM84ABFey

npm xml-crypto
Critical
7 months ago

xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References GSA_kwCzR0hTQS05cDh4LWY3Njgtd3AyZ84ABFex

npm xml-crypto
Critical
over 1 year ago

xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofing GSA_kwCzR0hTQS0yeHAzLTU3cDctcWY0ds4AA7eK

npm xml-crypto
High
almost 5 years ago

xml-crypto's HMAC-SHA1 signatures can bypass validation via key confusion MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMyN3IteDM1NC00bTY4

npm xml-crypto

Filter by Severity

Critical 3 High 1