CWE-347
Improper Verification of Cryptographic Signature
Description
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-463 · CAPEC-475
CVEs mapped to this weakness (357)
page 13 of 18

| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-59288 | 0.00 | — | 0.00 | Oct 14, 2025 | Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network. |
| CVE-2025-57801 | 0.00 | — | 0.00 | Aug 22, 2025 | gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a signature without asserting that 0 ≤ S < order, leading to a signature malleability vulnerability. Because gnark’s native EdDSA… |
| CVE-2025-24015 | 0.00 | — | 0.00 | Jun 3, 2025 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions 1.46.0 through 2.1.6 have an issue that affects AES-256-GCM and AES-128-GCM in Deno in which the authentication tag is not being validated. This means tampered ciphertexts or incorrect keys might not be… |
| CVE-2025-47949 | 0.00 | — | 0.00 | May 19, 2025 | samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider.… |
| CVE-2025-25292 | 0.00 | — | 0.64 | Mar 12, 2025 | ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can… |
| CVE-2025-25291 | 0.00 | — | 0.20 | Mar 12, 2025 | ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can… |
| CVE-2025-24043 | 0.00 | — | 0.01 | Mar 11, 2025 | Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network. |
| CVE-2023-25574 | 0.00 | — | 0.00 | Feb 25, 2025 | `jupyterhub-ltiauthenticator` is a JupyterHub authenticator for learning tools interoperability (LTI). LTI13Authenticator that was introduced in `jupyterhub-ltiauthenticator` 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a… |
| CVE-2025-23206 | 0.00 | — | 0.00 | Jan 17, 2025 | The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Users who use IAM OIDC custom resource provider package will download CA Thumbprints as part of the custom… |
| CVE-2024-48948 | 0.00 | — | 0.01 | Oct 15, 2024 | The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an _truncateToN… |
| CVE-2024-48949 | 0.00 | — | 0.01 | Oct 10, 2024 | The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) \|\| sig.S().isNeg()" validation. |
| CVE-2024-47832 | 0.00 | — | 0.00 | Oct 9, 2024 | ssoready is a single sign on provider implemented via docker. Affected versions are vulnerable to XML signature bypass attacks. An attacker can carry out signature bypass if you have access to certain IDP-signed messages. The underlying mechanism exploits differential behavior… |
| CVE-2024-45384 | 0.00 | — | 0.01 | Sep 17, 2024 | Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. This could allow an attacker to manipulate a pac4j session cookie. This issue affects Apache Druid versions 0.18.0 through 30.0.0. Since the druid-pac4j extension is optional and disabled by default, Druid… |
| CVE-2024-45607 | 0.00 | — | 0.14 | Sep 12, 2024 | whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false when the signature is valid. Incorrect Access Control, anyone using the post or… |
| CVE-2024-45409 | 0.00 | — | 0.11 | Sep 10, 2024 | The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus… |
| CVE-2024-42461 | 0.00 | — | 0.01 | Aug 2, 2024 | In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. |
| CVE-2024-42459 | 0.00 | — | 0.00 | Aug 2, 2024 | In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended. |
| CVE-2024-37568 | 0.00 | — | 0.00 | Jun 9, 2024 | lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. (This is similar to CVE-2022-29217 and CVE-2024-33663.) |
| CVE-2024-34358 | 0.00 | — | 0.00 | May 14, 2024 | TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the `ShowImageController` (`_eID tx_cms_showpic_`) lacks a cryptographic HMAC-signature on the `frame` HTTP query… |
| CVE-2024-21491 | 0.00 | — | 0.00 | Feb 13, 2024 | Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches… |