VYPR

PyPI package

signxml

pkg:pypi/signxml

Vulnerabilities (2)

  • CVE-2025-48995MedJun 2, 2025
    affected < 4.0.4fixed 4.0.4

    SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (`signxml.XMLVerifier.verify(require_x509=False, hmac_key=...`), versions of SignXML prior to 4.0.4 are vulne

  • CVE-2025-48994MedJun 2, 2025
    affected < 4.0.4fixed 4.0.4

    SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (`signxml.XMLVerifier.verify(require_x509=False, hmac_key=...`), versions of SignXML prior to 4.0.4 are vulne