Common Weakness Enumeration

CWE-347

Allowed

Improper Verification of Cryptographic Signature

Abstraction: Base · Status: Draft

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

1128 vulnerabilities reference this CWE, most recent first.

GHSA-63V5-26VQ-M4VM

Vulnerability from github – Published: 2026-01-26 21:30 – Updated: 2026-03-06 00:31
VLAI
Summary
Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods
Details

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML responses, potentially extending the time a response is considered valid and leading to unexpected session durations or resource consumption.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.keycloak:keycloak-services"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "26.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-1190"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-112",
      "CWE-347",
      "CWE-613"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-27T21:56:13Z",
    "nvd_published_at": "2026-01-26T20:16:09Z",
    "severity": "LOW"
  },
  "details": "A flaw was found in Keycloak\u0027s SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it fails to validate the `NotOnOrAfter` timestamp within the `SubjectConfirmationData`. This allows an attacker to delay the expiration of SAML responses, potentially extending the time a response is considered valid and leading to unexpected session durations or resource consumption.",
  "id": "GHSA-63v5-26vq-m4vm",
  "modified": "2026-03-06T00:31:28Z",
  "published": "2026-01-26T21:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1190"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak/issues/45646"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3947"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3948"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-1190"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430835"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Keycloak\u0027s missing timestamp validation allows attackers to extend SAML response validity periods"
}

GHSA-64JX-M9PQ-GR8C

Vulnerability from github – Published: 2024-03-19 18:32 – Updated: 2024-05-22 18:30
VLAI
Details

A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-2307"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-19T17:15:12Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.",
  "id": "GHSA-64jx-m9pq-gr8c",
  "modified": "2024-05-22T18:30:39Z",
  "published": "2024-03-19T18:32:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2307"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:2119"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:2961"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-2307"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268513"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-66XJ-V6XW-92V4

Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27
VLAI
Details

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-6459"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-20T15:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.",
  "id": "GHSA-66xj-v6xw-92v4",
  "modified": "2022-05-13T01:27:32Z",
  "published": "2022-05-13T01:27:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6459"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201811-16"
    },
    {
      "type": "WEB",
      "url": "https://www.strongswan.org/blog/2018/02/19/strongswan-vulnerability-(cve-2018-6459).html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-685J-342H-QP93

Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2024-04-04 01:30
VLAI
Details

cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-18407"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-08-02T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279).",
  "id": "GHSA-685j-342h-qp93",
  "modified": "2024-04-04T01:30:25Z",
  "published": "2022-05-24T16:52:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18407"
    },
    {
      "type": "WEB",
      "url": "https://documentation.cpanel.net/display/CL/68+Change+Log"
    },
    {
      "type": "WEB",
      "url": "https://news.cpanel.com/cpanel-tsr-2017-0005-full-disclosure"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-69Q5-VHM6-656F

Vulnerability from github – Published: 2026-06-26 00:32 – Updated: 2026-06-27 21:30
VLAI
Details

PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-7511"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-25T22:17:03Z",
    "severity": "MODERATE"
  },
  "details": "PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted.",
  "id": "GHSA-69q5-vhm6-656f",
  "modified": "2026-06-27T21:30:28Z",
  "published": "2026-06-26T00:32:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7511"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wolfSSL/wolfssl/pull/10203"
    },
    {
      "type": "WEB",
      "url": "https://www.wolfssl.com/docs/security-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-69X3-G4R3-P962

Vulnerability from github – Published: 2026-02-06 20:05 – Updated: 2026-02-07 00:33
VLAI
Summary
Blocklist Bypass possible via ECDSA Signature Malleability
Details

Impact

When using P256 certificates (which is not the default configuration), it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of the certificate with a different fingerprint.

In order for this to affect a user or network, all of the following must be true: * CURVE_P256 certificates are being used * There are one or more entries on the blocklist * The certificates for those entries are signed by a trusted CA and not expired * An attacker has a copy of the private key, and corresponding certificate, for one of those blocklist entries

Patches

See attached

Workarounds

If full copies of each certificate on the existing blocklist are available, it is possible to compute their opposite-chirality signature, and then the appropriate second fingerprint to list in the blocklist.

Rotating out all CAs that have signed hosts on the blocklist will also prevent exploitation of this vulnerability.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.10.2"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/slackhq/nebula"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.7.0"
            },
            {
              "fixed": "1.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25793"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-06T20:05:35Z",
    "nvd_published_at": "2026-02-06T23:15:54Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nWhen using P256 certificates (which is not the default configuration), it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of the certificate with a different fingerprint.\n\nIn order for this to affect a user or network, all of the following must be true:\n* `CURVE_P256` certificates are being used\n* There are one or more entries on the blocklist\n* The certificates for those entries are signed by a trusted CA and not expired\n* An attacker has a copy of the private key, and corresponding certificate, for one of those blocklist entries\n\n### Patches\n\nSee attached\n\n### Workarounds\n\nIf full copies of each certificate on the existing blocklist are available, it is possible to compute their opposite-chirality signature, and then the appropriate second fingerprint to list in the blocklist.\n\nRotating out all CAs that have signed hosts on the blocklist will also prevent exploitation of this vulnerability.",
  "id": "GHSA-69x3-g4r3-p962",
  "modified": "2026-02-07T00:33:38Z",
  "published": "2026-02-06T20:05:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/slackhq/nebula/security/advisories/GHSA-69x3-g4r3-p962"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25793"
    },
    {
      "type": "WEB",
      "url": "https://github.com/slackhq/nebula/commit/f573e8a26695278f9d71587390fbfe0d0933aa21"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/slackhq/nebula"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Blocklist Bypass possible via ECDSA Signature Malleability"
}

GHSA-6CGH-HJPW-Q3GQ

Vulnerability from github – Published: 2021-07-02 19:20 – Updated: 2021-07-02 18:25
VLAI
Summary
Utils.readChallengeTx does not verify the server account signature
Details

The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the serverAccountID has signed the transaction. The function does not verify that the server has signed the transaction and has been fixed so that it does in v8.2.3.

Applications that also used Utils.verifyChallengeTxThreshold or Utils.verifyChallengeTxSigners to verify the signatures including the server signature on the challenge transaction are unaffected as those functions verify the server signed the transaction.

Applications calling Utils.readChallengeTx should update to v8.2.3 to ensure that the challenge transaction is completely valid and signed by the server creating the challenge transaction.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "stellar-sdk"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-32738"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-07-02T18:25:08Z",
    "nvd_published_at": "2021-07-02T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The `Utils.readChallengeTx` function used in [SEP-10 Stellar Web Authentication](https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md) states in its function documentation that it reads and validates the challenge transaction including verifying that the `serverAccountID` has signed the transaction. The function does not verify that the server has signed the transaction and has been fixed so that it does in v8.2.3.\n\nApplications that also used `Utils.verifyChallengeTxThreshold` or `Utils.verifyChallengeTxSigners` to verify the signatures including the server signature on the challenge transaction are unaffected as those functions verify the server signed the transaction.\n\nApplications calling `Utils.readChallengeTx` should update to v8.2.3 to ensure that the challenge transaction is completely valid and signed by the server creating the challenge transaction.",
  "id": "GHSA-6cgh-hjpw-q3gq",
  "modified": "2021-07-02T18:25:08Z",
  "published": "2021-07-02T19:20:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/stellar/js-stellar-sdk/security/advisories/GHSA-6cgh-hjpw-q3gq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32738"
    },
    {
      "type": "WEB",
      "url": "https://github.com/stellar/js-stellar-sdk/commit/6f0bb889c2d10b431ddd5f4a1bcdd519c80430b3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/stellar/js-stellar-sdk/releases/tag/v8.2.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Utils.readChallengeTx does not verify the server account signature"
}

GHSA-6FC2-JR2C-4P94

Vulnerability from github – Published: 2024-07-08 18:31 – Updated: 2025-11-04 18:31
VLAI
Details

A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-34435"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-08T16:15:02Z",
    "severity": "HIGH"
  },
  "details": "A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability.",
  "id": "GHSA-6fc2-jr2c-4p94",
  "modified": "2025-11-04T18:31:06Z",
  "published": "2024-07-08T18:31:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34435"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1874"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1874"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FWH-897J-M5CJ

Vulnerability from github – Published: 2022-04-30 18:21 – Updated: 2024-02-08 21:30
VLAI
Details

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2002-1706"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.",
  "id": "GHSA-6fwh-897j-m5cj",
  "modified": "2024-02-08T21:30:29Z",
  "published": "2022-04-30T18:21:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1706"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9368"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/5041"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6G3C-2MH5-7Q6X

Vulnerability from github – Published: 2021-04-19 14:56 – Updated: 2023-09-25 16:03
VLAI
Summary
Missing validation of JWT signature in `ManyDesigns/Portofino`
Details

Impact

Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT.

Patches

The issue will be patched in the upcoming 5.2.1 release.

For more information

If you have any questions or comments about this advisory: * Open an issue in https://github.com/ManyDesigns/Portofino

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.manydesigns:portofino-dispatcher"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.manydesigns:portofino-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-29451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-16T22:57:13Z",
    "nvd_published_at": "2021-04-16T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\n[Portofino](https://github.com/ManyDesigns/Portofino) is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens.\nThis allows forging a valid JWT.\n\n### Patches\nThe issue will be patched in the upcoming 5.2.1 release.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [https://github.com/ManyDesigns/Portofino](https://github.com/ManyDesigns/Portofino)",
  "id": "GHSA-6g3c-2mh5-7q6x",
  "modified": "2023-09-25T16:03:47Z",
  "published": "2021-04-19T14:56:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ManyDesigns/Portofino/security/advisories/GHSA-6g3c-2mh5-7q6x"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29451"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ManyDesigns/Portofino/commit/8c754a0ad234555e813dcbf9e57d637f9f23d8fb"
    },
    {
      "type": "WEB",
      "url": "https://mvnrepository.com/artifact/com.manydesigns/portofino"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Missing validation of JWT signature in `ManyDesigns/Portofino`"
}

No mitigation information available for this CWE.

CAPEC-463: Padding Oracle Crypto Attack

An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.

CAPEC-475: Signature Spoofing by Improper Validation

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.