CWE-347
AllowedImproper Verification of Cryptographic Signature
Abstraction: Base · Status: Draft
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
1120 vulnerabilities reference this CWE, most recent first.
GHSA-X4H9-GWV3-R4M4
Vulnerability from github – Published: 2025-12-08 22:03 – Updated: 2025-12-12 21:52Summary
Ruby-saml up to and including 1.12.4, there is an authentication bypass vulnerability because of an issue at libxml2 canonicalization process used by Nokogiri for document transformation. That allows an attacker to be able to execute a Signature Wrapping attack. The vulnerability does not affect the version 1.18.0.
Details
When libxml2’s canonicalization is invoked on an invalid XML input, it may return an empty string rather than a canonicalized node. ruby-saml then proceeds to compute the DigestValue over this empty string, treating it as if canonicalization succeeded.
Impact
-
Digest bypass: By crafting input that causes canonicalization to yield an empty string, the attacker can manipulate validation to pass incorrectly.
-
Signature replay on empty canonical form: If an empty string has been signed once (e.g., in a prior interaction or via a misconfigured flow), that signature can potentially be replayed to bypass authentication.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "ruby-saml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-66568"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-08T22:03:19Z",
"nvd_published_at": "2025-12-09T16:18:21Z",
"severity": "CRITICAL"
},
"details": "### Summary\nRuby-saml up to and including 1.12.4, there is an authentication bypass vulnerability because of an issue at libxml2 canonicalization process used by Nokogiri for document transformation. That allows an attacker to be able to execute a Signature Wrapping attack. The vulnerability does not affect the version 1.18.0.\n\n### Details\nWhen libxml2\u2019s canonicalization is invoked on an invalid XML input, it may return an empty string rather than a canonicalized node. ruby-saml then proceeds to compute the DigestValue over this empty string, treating it as if canonicalization succeeded.\n\n### Impact\n1. Digest bypass: By crafting input that causes canonicalization to yield an empty string, the attacker can manipulate validation to pass incorrectly.\n\n2. Signature replay on empty canonical form: If an empty string has been signed once (e.g., in a prior interaction or via a misconfigured flow), that signature can potentially be replayed to bypass authentication.",
"id": "GHSA-x4h9-gwv3-r4m4",
"modified": "2025-12-12T21:52:40Z",
"published": "2025-12-08T22:03:19Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-x4h9-gwv3-r4m4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66568"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/acac9e9cc0b9a507882c614f25d41f8b47be349a"
},
{
"type": "PACKAGE",
"url": "https://github.com/SAML-Toolkits/ruby-saml"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-66568.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Ruby-saml allows a Libxml2 Canonicalization error to bypass Digest/Signature validation"
}
GHSA-X4JG-MJRX-434G
Vulnerability from github – Published: 2022-03-18 23:10 – Updated: 2022-03-30 20:07Impact
RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used.
Patches
The issue has been addressed in node-forge 1.3.0.
References
For more information, please see "Bleichenbacher's RSA signature forgery based on implementation error" by Hal Finney.
For more information
If you have any questions or comments about this advisory: * Open an issue in forge * Email us at example email address
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "node-forge"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24772"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": true,
"github_reviewed_at": "2022-03-18T23:10:28Z",
"nvd_published_at": "2022-03-18T14:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nRSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used.\n\n### Patches\n\nThe issue has been addressed in `node-forge` `1.3.0`.\n\n### References\n\nFor more information, please see\n[\"Bleichenbacher\u0027s RSA signature forgery based on implementation error\"](https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE/)\nby Hal Finney.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open an issue in [forge](https://github.com/digitalbazaar/forge)\n* Email us at [example email address](mailto:security@digitalbazaar.com)",
"id": "GHSA-x4jg-mjrx-434g",
"modified": "2022-03-30T20:07:56Z",
"published": "2022-03-18T23:10:28Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24772"
},
{
"type": "WEB",
"url": "https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1"
},
{
"type": "WEB",
"url": "https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2"
},
{
"type": "PACKAGE",
"url": "https://github.com/digitalbazaar/forge"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Improper Verification of Cryptographic Signature in node-forge"
}
GHSA-X4QP-X57C-WV5H
Vulnerability from github – Published: 2022-05-13 01:20 – Updated: 2022-05-13 01:20An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle attackers to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but lacks a valid S/MIME signature.
{
"affected": [],
"aliases": [
"CVE-2018-4111"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-03T06:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the \"Mail\" component. It allows man-in-the-middle attackers to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but lacks a valid S/MIME signature.",
"id": "GHSA-x4qp-x57c-wv5h",
"modified": "2022-05-13T01:20:14Z",
"published": "2022-05-13T01:20:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4111"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208692"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103582"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040608"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X5H4-9GQW-942J
Vulnerability from github – Published: 2021-06-01 21:17 – Updated: 2021-06-01 19:12Impact
This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages.
This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In addition to these signatures, the ESDK uses AES-GCM encryption and all plaintext is verified before being released to a caller. There is no impact on the integrity of the ciphertext or decrypted plaintext, however some callers may rely on the the ECDSA signature for non-repudiation. Without validating the ECDSA signature, an actor with trusted KMS permissions to decrypt a message may also be able to encrypt messages. This update introduces a new API for callers who wish to stream only unsigned messages.
For customers who process ESDK messages from untrusted sources, this update also introduces a new configuration to limit the number of Encrypted Data Keys (EDKs) that the ESDK will attempt to process per message. This configuration provides customers with a way to limit the number of AWS KMS Decrypt API calls that the ESDK will make per message. This setting will reject messages with more EDKs than the configured limit.
Finally, this update adds early rejection of invalid messages with certain invalid combinations of algorithm suite and header data.
Patches
Fixed in versions 1.9 and 2.2. We recommend that all users upgrade to address these issues.
Customers leveraging the ESDK’s streaming features have several options to protect signature validation. One is to ensure that client code reads to the end of the stream before using released plaintext. With this release, using the new API for streaming and falling back to the non-streaming decrypt API for signed messages prevents using any plaintext from signed data before the signature is validated. See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/about-versions.html#version2.2.x
Users processing ESDK messages from untrusted sources should use the new maximum encrypted data keys parameter. See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/about-versions.html#version2.2.x
Workarounds
None
For more information
https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#digital-sigs
https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/about-versions.html#version2.2.x
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "aws-encryption-sdk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "aws-encryption-sdk"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"fixed": "2.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": true,
"github_reviewed_at": "2021-06-01T19:12:22Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Impact\n\nThis advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. \n\nThis ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In addition to these signatures, the ESDK uses AES-GCM encryption and all plaintext is verified before being released to a caller. There is no impact on the integrity of the ciphertext or decrypted plaintext, however some callers may rely on the the ECDSA signature for non-repudiation. Without validating the ECDSA signature, an actor with trusted KMS permissions to decrypt a message may also be able to encrypt messages. This update introduces a new API for callers who wish to stream only unsigned messages. \n\nFor customers who process ESDK messages from untrusted sources, this update also introduces a new configuration to limit the number of Encrypted Data Keys (EDKs) that the ESDK will attempt to process per message. This configuration provides customers with a way to limit the number of AWS KMS Decrypt API calls that the ESDK will make per message. This setting will reject messages with more EDKs than the configured limit.\n\nFinally, this update adds early rejection of invalid messages with certain invalid combinations of algorithm suite and header data.\n\n### Patches\n\nFixed in versions 1.9 and 2.2. We recommend that all users upgrade to address these issues.\n\nCustomers leveraging the ESDK\u2019s streaming features have several options to protect signature validation. One is to ensure that client code reads to the end of the stream before using released plaintext. With this release, using the new API for streaming and falling back to the non-streaming decrypt API for signed messages prevents using any plaintext from signed data before the signature is validated. See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/about-versions.html#version2.2.x\n\nUsers processing ESDK messages from untrusted sources should use the new maximum encrypted data keys parameter. See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/about-versions.html#version2.2.x\n\n### Workarounds\n\nNone\n\n### For more information\n\nhttps://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#digital-sigs\n\nhttps://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/about-versions.html#version2.2.x\n",
"id": "GHSA-x5h4-9gqw-942j",
"modified": "2021-06-01T19:12:22Z",
"published": "2021-06-01T21:17:53Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aws/aws-encryption-sdk-python/security/advisories/GHSA-x5h4-9gqw-942j"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Improper Verification of Cryptographic Signature in aws-encryption-sdk"
}
GHSA-X78V-9635-M8H6
Vulnerability from github – Published: 2026-02-15 12:30 – Updated: 2026-02-15 12:30The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a flaw can lead to taking control over the entire system.
First identified on Nissan Leaf ZE1 manufactured in 2020.
{
"affected": [],
"aliases": [
"CVE-2025-32060"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-15T11:15:54Z",
"severity": "MODERATE"
},
"details": "The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a flaw can lead to taking control over the entire system.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020.",
"id": "GHSA-x78v-9635-m8h6",
"modified": "2026-02-15T12:30:25Z",
"published": "2026-02-15T12:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32060"
},
{
"type": "WEB",
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
},
{
"type": "WEB",
"url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
},
{
"type": "WEB",
"url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X89C-F42W-CH2G
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-05-24 19:06Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1.
{
"affected": [],
"aliases": [
"CVE-2021-23992"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-24T14:15:00Z",
"severity": "MODERATE"
},
"details": "Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird \u003c 78.9.1.",
"id": "GHSA-x89c-f42w-ch2g",
"modified": "2022-05-24T19:06:12Z",
"published": "2022-05-24T19:06:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23992"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1666236"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2021-13"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-X8XW-JC3C-CX53
Vulnerability from github – Published: 2023-11-14 21:31 – Updated: 2025-02-13 18:32Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2023-20567"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T19:15:15Z",
"severity": "MODERATE"
},
"details": "Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution.",
"id": "GHSA-x8xw-jc3c-cx53",
"modified": "2025-02-13T18:32:03Z",
"published": "2023-11-14T21:31:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20567"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X92V-RPX6-P6CW
Vulnerability from github – Published: 2026-06-18 13:58 – Updated: 2026-06-18 13:58The WhatsApp and Linear bot adapters verify the inbound webhook HMAC signature only when a secret is configured. When the secret environment variable is unset — the default on a fresh install and common in development — verification is skipped entirely and the webhook body is parsed and dispatched as a genuine, trusted event. A remote, unauthenticated attacker who can reach the bot's webhook endpoint can inject arbitrary platform events.
Affected code:
WhatsApp - src/praisonai/praisonai/bots/whatsapp.py
- init (line 108): self._app_secret = app_secret or os.environ.get("WHATSAPP_APP_SECRET", "") -> defaults to ""
- route (line 246): app.router.add_post(self._webhook_path, self._handle_webhook) -> default path "/webhook"
- _handle_webhook (lines 585-595): if self._app_secret: gates the ENTIRE check; when falsy the body is
json.loads()'d and dispatched to _process_webhook_data() with no verification.
Linear - src/praisonai/praisonai/bots/linear.py
- init (line 86): self._signing_secret = signing_secret or os.environ.get("LINEAR_WEBHOOK_SECRET", "") -> ""
- _handle_webhook (lines 244-248): same if self._signing_secret: fail-open guard.
- start() (lines 169-170): only logs a warning; does not fail closed.
The _verify_signature implementations themselves are correct (constant-time HMAC-SHA256); the defect is that verification is bypassed when the secret is absent.
Impact: - WhatsApp: attacker POSTs a crafted Meta Cloud API payload spoofing any sender and message text; injected into agent sessions and processed as a real user message (prompt injection, unauthorized agent/command invocation, contact impersonation). - Linear: attacker POSTs forged AgentSession / Comment events, causing the agent to act on and comment on issues no legitimate event referenced. The webhook routes require no other authentication, so exploitation needs only network reachability.
Proof of concept (bot started without the secret - the default):
curl -X POST http://VICTIM:PORT/webhook \ -H 'Content-Type: application/json' \ -d '{"object":"whatsapp_business_account","entry":[{"changes":[{"value": {"messages":[{"from":"15551234567","id":"wamid.x","type":"text", "text":{"body":"attacker-injected message"}}]}}]}]}' # No X-Hub-Signature-256 header; bot returns 200 and processes the message. # Linear: omit LINEAR_WEBHOOK_SECRET and POST without a Linear-Signature header.
A self-contained PoC that executes the real _handle_webhook / _verify_signature source extracted from the repo confirms: secret unset -> status 200, payload dispatched (VULNERABLE); secret set + no signature -> status 403, nothing dispatched (control).
Remediation: Fail closed. When no secret is configured, reject all webhooks (HTTP 403) and refuse to start the adapter unless a secret is set (or an explicit, clearly-named insecure-dev override is given):
if not self._app_secret: return web.Response(status=403, text="Webhook secret not configured") signature = request.headers.get("X-Hub-Signature-256", "") if not self._verify_signature(body, signature): return web.Response(status=403, text="Invalid signature")
Distinct from prior advisories: The accepted default-insecure advisories cover a different surface/mechanism — CALL_SERVER_TOKEN unset (GHSA-86qc-r5v2-v6x6) and the JWT key default "dev-secret-change-me" (GHSA-3qg8-5g3r-79v5). This is in the bot webhook adapters and the mechanism is skipping signature verification entirely when the secret is absent, not a weak default key.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.6.52"
},
"package": {
"ecosystem": "PyPI",
"name": "praisonai"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.6.59"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-345",
"CWE-347"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-18T13:58:08Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "The WhatsApp and Linear bot adapters verify the inbound webhook HMAC signature only\nwhen a secret is configured. When the secret environment variable is unset \u2014 the\ndefault on a fresh install and common in development \u2014 verification is skipped entirely\nand the webhook body is parsed and dispatched as a genuine, trusted event. A remote,\nunauthenticated attacker who can reach the bot\u0027s webhook endpoint can inject arbitrary\nplatform events.\n\nAffected code:\n\nWhatsApp - src/praisonai/praisonai/bots/whatsapp.py\n- __init__ (line 108): self._app_secret = app_secret or os.environ.get(\"WHATSAPP_APP_SECRET\", \"\") -\u003e defaults to \"\"\n- route (line 246): app.router.add_post(self._webhook_path, self._handle_webhook) -\u003e default path \"/webhook\"\n- _handle_webhook (lines 585-595): `if self._app_secret:` gates the ENTIRE check; when falsy the body is\n json.loads()\u0027d and dispatched to _process_webhook_data() with no verification.\n\nLinear - src/praisonai/praisonai/bots/linear.py\n- __init__ (line 86): self._signing_secret = signing_secret or os.environ.get(\"LINEAR_WEBHOOK_SECRET\", \"\") -\u003e \"\"\n- _handle_webhook (lines 244-248): same `if self._signing_secret:` fail-open guard.\n- start() (lines 169-170): only logs a warning; does not fail closed.\n\nThe _verify_signature implementations themselves are correct (constant-time HMAC-SHA256);\nthe defect is that verification is bypassed when the secret is absent.\n\nImpact:\n- WhatsApp: attacker POSTs a crafted Meta Cloud API payload spoofing any sender and message\n text; injected into agent sessions and processed as a real user message (prompt injection,\n unauthorized agent/command invocation, contact impersonation).\n- Linear: attacker POSTs forged AgentSession / Comment events, causing the agent to act on and\n comment on issues no legitimate event referenced.\nThe webhook routes require no other authentication, so exploitation needs only network\nreachability.\n\nProof of concept (bot started without the secret - the default):\n\n curl -X POST http://VICTIM:PORT/webhook \\\n -H \u0027Content-Type: application/json\u0027 \\\n -d \u0027{\"object\":\"whatsapp_business_account\",\"entry\":[{\"changes\":[{\"value\":\n {\"messages\":[{\"from\":\"15551234567\",\"id\":\"wamid.x\",\"type\":\"text\",\n \"text\":{\"body\":\"attacker-injected message\"}}]}}]}]}\u0027\n # No X-Hub-Signature-256 header; bot returns 200 and processes the message.\n # Linear: omit LINEAR_WEBHOOK_SECRET and POST without a Linear-Signature header.\n\nA self-contained PoC that executes the real _handle_webhook / _verify_signature source\nextracted from the repo confirms: secret unset -\u003e status 200, payload dispatched (VULNERABLE);\nsecret set + no signature -\u003e status 403, nothing dispatched (control).\n\nRemediation:\nFail closed. When no secret is configured, reject all webhooks (HTTP 403) and refuse to start\nthe adapter unless a secret is set (or an explicit, clearly-named insecure-dev override is given):\n\n if not self._app_secret:\n return web.Response(status=403, text=\"Webhook secret not configured\")\n signature = request.headers.get(\"X-Hub-Signature-256\", \"\")\n if not self._verify_signature(body, signature):\n return web.Response(status=403, text=\"Invalid signature\")\n\nDistinct from prior advisories:\nThe accepted default-insecure advisories cover a different surface/mechanism \u2014 CALL_SERVER_TOKEN\nunset (GHSA-86qc-r5v2-v6x6) and the JWT key default \"dev-secret-change-me\" (GHSA-3qg8-5g3r-79v5).\nThis is in the bot webhook adapters and the mechanism is skipping signature verification entirely\nwhen the secret is absent, not a weak default key.",
"id": "GHSA-x92v-rpx6-p6cw",
"modified": "2026-06-18T13:58:08Z",
"published": "2026-06-18T13:58:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x92v-rpx6-p6cw"
},
{
"type": "PACKAGE",
"url": "https://github.com/MervinPraison/PraisonAI"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"type": "CVSS_V3"
}
],
"summary": "PraisonAI: Webhook signature verification skipped (fail-open) when secret unset, allowing forged inbound webhooks (WhatsApp \u0026 Linear bots)"
}
GHSA-X9W5-V3Q2-3RHW
Vulnerability from github – Published: 2023-10-26 20:53 – Updated: 2025-02-13 19:19Summary
An upper bound check issue in dsaVerify function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack.
Details
In dsaVerify function, it checks whether the value of the signature is legal by calling function checkValue, namely, whether r and s are both in the interval [1, q - 1]. However, the second line of the checkValue function wrongly checks the upper bound of the passed parameters, since the value of b.cmp(q) can only be 0, 1 and -1, and it can never be greater than q.
In this way, although the values of s cannot be 0, an attacker can achieve the same effect as zero by setting its value to q, and then send (r, s) = (1, q) to pass the verification of any public key.
Impact
All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability.
Fix PR:
Since the temporary private fork was deleted, here's a webarchive of the PR discussion and diff pages: PR webarchive.zip
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.2.1"
},
"package": {
"ecosystem": "npm",
"name": "browserify-sign"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "4.2.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-46234"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-26T20:53:21Z",
"nvd_published_at": "2023-10-26T15:15:09Z",
"severity": "HIGH"
},
"details": "### Summary\nAn upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack.\n\n### Details\nIn `dsaVerify` function, it checks whether the value of the signature is legal by calling function `checkValue`, namely, whether `r` and `s` are both in the interval `[1, q - 1]`. However, the second line of the `checkValue` function wrongly checks the upper bound of the passed parameters, since the value of `b.cmp(q)` can only be `0`, `1` and `-1`, and it can never be greater than `q`. \n\nIn this way, although the values of `s` cannot be `0`, an attacker can achieve the same effect as zero by setting its value to `q`, and then send `(r, s) = (1, q)` to pass the verification of any public key.\n\n### Impact\nAll places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability.\n\n\n### Fix PR:\nSince the temporary private fork was deleted, here\u0027s a webarchive of the PR discussion and diff pages: [PR webarchive.zip](https://github.com/browserify/browserify-sign/files/13172957/PR.webarchive.zip)",
"id": "GHSA-x9w5-v3q2-3rhw",
"modified": "2025-02-13T19:19:37Z",
"published": "2023-10-26T20:53:21Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46234"
},
{
"type": "WEB",
"url": "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30"
},
{
"type": "PACKAGE",
"url": "https://github.com/browserify/browserify-sign"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5539"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack"
}
GHSA-XCGW-94HJ-93R7
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer's computer.
{
"affected": [],
"aliases": [
"CVE-2021-34420"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-11T23:15:00Z",
"severity": "HIGH"
},
"details": "The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer\u0027s computer.",
"id": "GHSA-xcgw-94hj-93r7",
"modified": "2022-05-24T19:20:36Z",
"published": "2022-05-24T19:20:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34420"
},
{
"type": "WEB",
"url": "https://explore.zoom.us/en/trust/security/security-bulletin"
},
{
"type": "WEB",
"url": "https://medium.com/manomano-tech/a-red-team-operation-leveraging-a-zero-day-vulnerability-in-zoom-80f57fb0822e"
}
],
"schema_version": "1.4.0",
"severity": []
}
No mitigation information available for this CWE.
CAPEC-463: Padding Oracle Crypto Attack
An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.
CAPEC-475: Signature Spoofing by Improper Validation
An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.