CVE Published: 27/12/2022 |
CVE Updated: 04/08/2024 |
CVE Year: 2020 Source: Go |
Vendor: github.com/RobotsAndPencils/go-saml |
Product: github.com/RobotsAndPencils/go-saml Status : PUBLISHED
CVE-2020-36563 Description
XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input.