CVE-2023-34205

Published: 2023-05-30T04:15Z

Last Modified: 2025-01-10T22:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In Moov signedxml through 1.0.0, parsing the raw XML (as received) can result in different output than parsing the canonicalized XML. Thus, signature validation can be bypassed via a Signature Wrapping attack (aka XSW). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt