CWE-345
DiscouragedInsufficient Verification of Data Authenticity
Abstraction: Class · Status: Draft
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
939 vulnerabilities reference this CWE, most recent first.
GHSA-R3R4-G7HQ-PQ4F
Vulnerability from github – Published: 2025-02-03 16:48 – Updated: 2025-02-05 16:34Name: ASA-2025-002: Malicious peer can stall network by disseminating seemingly valid block parts Component: CometBFT Criticality: High (Catastrophic Impact; Possible Likelihood per ACMv1.2) Affected versions: <= v0.38.16, v1.0.0 Affected users: Validators, Full nodes, Users
Description
A bug was identified in the CometBFT validation of block part indices and the corresponding proof part indices that can lead to incorrect processing and dissemination of invalid parts, which in turn could lead to a network halt. Additional validation was added to prevent this condition from happening.
Patches
The new CometBFT releases v1.0.1 and v0.38.17 fix this issue.
Unreleased code in the main branch is patched as well.
Workarounds
There are no known workarounds for this issue. If a node is producing these malicious proofs, the only mitigation is to upgrade CometBFT. After upgrading, the validators then will eventually conclude the correct value.
Technical Deep-Dive
When the next proposer creates a block, it is split into many block parts (64kB each). Each block part is then disseminated via p2p layer in a gossip fashion. The block part contains the following fields:
type Part struct {
Index uint32 `json:"index"`
Bytes cmtbytes.HexBytes `json:"bytes"`
Proof merkle.Proof `json:"proof"`
}
Index- represents the index of a block partBytes- the actual contentProof- Merkle proof, which allows the receiving node to quickly verify that aPartis indeed a piece of the proposed block.
The Proof contains the following fields:
type Proof struct {
Total int64 `json:"total"` // Total number of items.
Index int64 `json:"index"` // Index of item to prove.
LeafHash []byte `json:"leaf_hash"` // Hash of item value.
Aunts [][]byte `json:"aunts,omitempty"` // Hashes from leaf's sibling to a root's child.
}
Note that the total number of leaves in the Merkle tree equals the number of parts in the proposed block. Previously, CometBFT did not validate the Index field and specifically that Part.Index must be equal to Part.Proof.Index. This leads to a condition where, it is possible to use the proof from a different part and CometBFT accept it, even though the proof proves the different part is a piece of the proposed block and not the part that the peer actually sent to us.
This condition is problematic because:
- it would disseminate the invalid block part to its neighboring nodes (because it deemed it as correct)
- it would mark the block part as received and ask the neighboring nodes not to relay it in the future, making it impossible to receive the correct block part.
To address this, CometBFT was patched to verify that Part.Index is equal to Part.Proof.Index, preventing the above condition.
Timeline
- January 15, 2025, 12:12pm PST: Issue reported to the Cosmos Bug Bounty program
- January 15, 2025, 12:31pm PST: Issue triaged by Amulet on-call, and distributed to Core team
- January 27, 2025, 11:28pm PST: Core team completes validation of issue
- January 31, 2024, 2:15pm PST: Pre-notification delivered
- February 3rd, 2024, 9:00am UTC+4: Patch made available
This issue was reported by unknown_feature to the Cosmos Bug Bounty Program on HackerOne on January 15, 2025. If you believe you have found a bug in the Interchain Stack or would like to contribute to the program by reporting a bug, please see https://hackerone.com/cosmos.
If you have questions about Interchain security efforts, please reach out to our official communication channel at security@interchain.io. For more information about the Interchain Foundation’s engagement with Amulet, and to sign up for security notification emails, please see https://github.com/interchainio/security.
A Github Security Advisory for this issue is available in the CometBFT repository. For more information about CometBFT, see https://docs.cometbft.com/.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/cometbft/cometbft"
},
"ranges": [
{
"events": [
{
"introduced": "1.0.0-alpha.1"
},
{
"fixed": "1.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/cometbft/cometbft"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.38.17"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-03T16:48:59Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "Name: ASA-2025-002: Malicious peer can stall network by disseminating seemingly valid block parts\nComponent: CometBFT\nCriticality: High (Catastrophic Impact; Possible Likelihood per [ACMv1.2](https://github.com/interchainio/security/blob/main/resources/CLASSIFICATION_MATRIX.md))\nAffected versions: \u003c= v0.38.16, v1.0.0\nAffected users: Validators, Full nodes, Users\n\n### Description\n\nA bug was identified in the CometBFT validation of block part indices and the corresponding proof part indices that can lead to incorrect processing and dissemination of invalid parts, which in turn could lead to a network halt. Additional validation was added to prevent this condition from happening.\n\n### Patches\n\nThe new CometBFT releases [v1.0.1](https://github.com/cometbft/cometbft/releases/tag/v1.0.1) and [v0.38.17](https://github.com/cometbft/cometbft/releases/tag/v0.38.17) fix this issue.\n\nUnreleased code in the main branch is patched as well.\n\n### Workarounds\n\nThere are no known workarounds for this issue. If a node is producing these malicious proofs, the only mitigation is to upgrade CometBFT. After upgrading, the validators then will eventually conclude the correct value.\n\n### Technical Deep-Dive\n\nWhen the next proposer creates a block, it is split into many block parts (64kB each). Each block part is then disseminated via p2p layer in a gossip fashion. The block part contains the following fields:\n\n```go\ntype Part struct {\n\tIndex uint32 `json:\"index\"`\n\tBytes cmtbytes.HexBytes `json:\"bytes\"`\n\tProof merkle.Proof `json:\"proof\"`\n}\n```\n\n- `Index` - represents the index of a block part\n- `Bytes` - the actual content\n- `Proof` - Merkle proof, which allows the receiving node to quickly verify that a `Part` is indeed a piece of the proposed block.\n\nThe `Proof` contains the following fields:\n\n```go\ntype Proof struct {\n\tTotal int64 `json:\"total\"` // Total number of items.\n\tIndex int64 `json:\"index\"` // Index of item to prove.\n\tLeafHash []byte `json:\"leaf_hash\"` // Hash of item value.\n\tAunts [][]byte `json:\"aunts,omitempty\"` // Hashes from leaf\u0027s sibling to a root\u0027s child.\n}\n```\n\nNote that the total number of leaves in the Merkle tree equals the number of parts in the proposed block. Previously, CometBFT did not validate the `Index` field and specifically that `Part.Index` must be equal to `Part.Proof.Index`. This leads to a condition where, it is possible to use the proof from a different part and CometBFT accept it, even though the proof proves the different part is a piece of the proposed block and not the part that the peer actually sent to us.\n\nThis condition is problematic because: \n\n1. it would disseminate the invalid block part to its neighboring nodes (because it deemed it as correct)\n2. it would mark the block part as received and ask the neighboring nodes not to relay it in the future, making it impossible to receive the correct block part.\n\nTo address this, CometBFT was patched to verify that `Part.Index` is equal to `Part.Proof.Index`, preventing the above condition.\n\n### Timeline\n\n* January 15, 2025, 12:12pm PST: Issue reported to the Cosmos Bug Bounty program\n* January 15, 2025, 12:31pm PST: Issue triaged by Amulet on-call, and distributed to Core team\n* January 27, 2025, 11:28pm PST: Core team completes validation of issue\n* January 31, 2024, 2:15pm PST: Pre-notification delivered\n* February 3rd, 2024, 9:00am UTC+4: Patch made available\n\nThis issue was reported by [unknown_feature](https://github.com/unknownfeature) to the Cosmos Bug Bounty Program on HackerOne on January 15, 2025. If you believe you have found a bug in the Interchain Stack or would like to contribute to the program by reporting a bug, please see https://hackerone.com/cosmos.\n\nIf you have questions about Interchain security efforts, please reach out to our official communication channel at [security@interchain.io](mailto:security@interchain.io). For more information about the Interchain Foundation\u2019s engagement with Amulet, and to sign up for security notification emails, please see https://github.com/interchainio/security. \n\nA Github Security Advisory for this issue is available in the CometBFT [repository](https://github.com/cometbft/cometbft/security/advisories/GHSA-r3r4-g7hq-pq4f). For more information about CometBFT, see https://docs.cometbft.com/.",
"id": "GHSA-r3r4-g7hq-pq4f",
"modified": "2025-02-05T16:34:57Z",
"published": "2025-02-03T16:48:59Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/cometbft/cometbft/security/advisories/GHSA-r3r4-g7hq-pq4f"
},
{
"type": "WEB",
"url": "https://github.com/cometbft/cometbft/commit/415c0da223bb7694608913f725fa45bd7a7a46bf"
},
{
"type": "WEB",
"url": "https://github.com/cometbft/cometbft/commit/f943aabc7b9201ea1089ff3381479929435ce424"
},
{
"type": "PACKAGE",
"url": "https://github.com/cometbft/cometbft"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-3443"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts"
}
GHSA-R434-53MC-RHW4
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.
{
"affected": [],
"aliases": [
"CVE-2021-38597"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-12T15:15:00Z",
"severity": "MODERATE"
},
"details": "wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.",
"id": "GHSA-r434-53mc-rhw4",
"modified": "2022-05-24T19:10:56Z",
"published": "2022-05-24T19:10:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38597"
},
{
"type": "WEB",
"url": "https://github.com/wolfSSL/wolfssl/commit/f93083be72a3b3d956b52a7ec13f307a27b6e093"
},
{
"type": "WEB",
"url": "https://www.wolfssl.com/docs/wolfssl-changelog"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R478-C2PC-M7GX
Vulnerability from github – Published: 2022-01-12 20:07 – Updated: 2024-09-18 20:06The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "dnslib"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.17"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-22846"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": true,
"github_reviewed_at": "2022-01-11T18:25:47Z",
"nvd_published_at": "2022-01-10T14:12:00Z",
"severity": "HIGH"
},
"details": "The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query.",
"id": "GHSA-r478-c2pc-m7gx",
"modified": "2024-09-18T20:06:40Z",
"published": "2022-01-12T20:07:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22846"
},
{
"type": "WEB",
"url": "https://github.com/paulc/dnslib/issues/30"
},
{
"type": "WEB",
"url": "https://github.com/paulc/dnslib/commit/76e8677699ed098387d502c57980f58da642aeba"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-r478-c2pc-m7gx"
},
{
"type": "WEB",
"url": "https://github.com/paulc/dnslib"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/dnslib/PYSEC-2022-4.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "dnslib has DNS reply verification issue"
}
GHSA-R47H-9XX2-MW53
Vulnerability from github – Published: 2026-05-20 12:30 – Updated: 2026-05-20 12:30Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.
{
"affected": [],
"aliases": [
"CVE-2026-25602"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-20T11:16:26Z",
"severity": "MODERATE"
},
"details": "Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address.\u00a0This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.",
"id": "GHSA-r47h-9xx2-mw53",
"modified": "2026-05-20T12:30:38Z",
"published": "2026-05-20T12:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25602"
},
{
"type": "WEB",
"url": "https://seccore.at/blog/cves-meona"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R4W4-WV68-QV85
Vulnerability from github – Published: 2026-05-07 00:06 – Updated: 2026-05-14 20:49Impact
Applications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support (@NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping) did not verify the signature of incoming SNS messages.
An unauthenticated attacker who knows the endpoint URL could send crafted HTTP POST requests mimicking SNS Notification or SubscriptionConfirmation messages, causing the application to:
- Process arbitrary payloads as if they were legitimate SNS notifications.
- Auto-confirm subscriptions or unsubscribe from attacker-controlled topics.
Affected versions: 3.0.0 through 3.4.2, 4.0.0, and 4.0.1.
The 3.x line will not receive a fix; users on 3.x should apply the workaround below or upgrade to 4.0.2.
Patches
Fixed in Spring Cloud AWS 4.0.2. When using Spring Boot auto-configuration, signature verification is enabled by default. Users should upgrade to 4.0.2.
Workarounds
Manually verify the SNS message signature in a servlet filter or Spring HandlerInterceptor before the request reaches the controller, using SnsMessageManager from the AWS SDK v2 sns-message-manager module.
### Resources
- AWS SNS: Verifying the signatures of Amazon SNS messages (https://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html)
- AWS SDK for Java v2: SnsMessageManager (https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/messagemanager/sns/SnsMessageManager.html)
- Fix PR: #1614
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "io.awspring.cloud:spring-cloud-aws-sns"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.0.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "io.awspring.cloud:spring-cloud-aws-sns"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"last_affected": "3.4.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44308"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-07T00:06:52Z",
"nvd_published_at": "2026-05-14T15:16:47Z",
"severity": "MODERATE"
},
"details": "### Impact\n \n Applications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support (@NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping) did not verify the signature of incoming SNS messages.\n\nAn unauthenticated attacker who knows the endpoint URL could send crafted HTTP POST requests mimicking SNS Notification or SubscriptionConfirmation messages, causing the application to:\n \n - Process arbitrary payloads as if they were legitimate SNS notifications.\n - Auto-confirm subscriptions or unsubscribe from attacker-controlled topics.\n \nAffected versions: 3.0.0 through 3.4.2, 4.0.0, and 4.0.1.\n \nThe 3.x line will not receive a fix; users on 3.x should apply the workaround below or upgrade to 4.0.2.\n \n### Patches\n \nFixed in Spring Cloud AWS 4.0.2. When using Spring Boot auto-configuration, signature verification is enabled by default. Users should upgrade to 4.0.2.\n \n### Workarounds\n \nManually verify the SNS message signature in a servlet filter or Spring HandlerInterceptor before the request reaches the controller, using SnsMessageManager from the AWS SDK v2 sns-message-manager module.\n \n ### Resources\n \n - AWS SNS: Verifying the signatures of Amazon SNS messages (https://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html)\n - AWS SDK for Java v2: SnsMessageManager (https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/messagemanager/sns/SnsMessageManager.html)\n - Fix PR: #1614",
"id": "GHSA-r4w4-wv68-qv85",
"modified": "2026-05-14T20:49:39Z",
"published": "2026-05-07T00:06:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/awspring/spring-cloud-aws/security/advisories/GHSA-r4w4-wv68-qv85"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44308"
},
{
"type": "WEB",
"url": "https://github.com/awspring/spring-cloud-aws/pull/1614"
},
{
"type": "WEB",
"url": "https://github.com/awspring/spring-cloud-aws/commit/6ab2efd97891a3d0ed0126ffa1ce223c9cfa9638"
},
{
"type": "PACKAGE",
"url": "https://github.com/awspring/spring-cloud-aws"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Spring Cloud AWS missing SNS message signature verification allows spoofing of HTTP/HTTPS endpoint notifications"
}
GHSA-R64C-PG9J-G8J4
Vulnerability from github – Published: 2023-08-04 00:30 – Updated: 2024-04-04 06:33In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.
{
"affected": [],
"aliases": [
"CVE-2023-36139"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-04T00:15:13Z",
"severity": "CRITICAL"
},
"details": "In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.",
"id": "GHSA-r64c-pg9j-g8j4",
"modified": "2024-04-04T06:33:18Z",
"published": "2023-08-04T00:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36139"
},
{
"type": "WEB",
"url": "https://medium.com/%40bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4"
},
{
"type": "WEB",
"url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4"
},
{
"type": "WEB",
"url": "https://www.phpjabbers.com/cleaning-business-software"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R6PH-V2QM-Q3C2
Vulnerability from github – Published: 2026-02-10 21:27 – Updated: 2026-02-11 14:14Vulnerability Summary
The public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve.
This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor > 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it's easy to forge signatures on the small subgroup.
Only SECT curves are impacted by this.
Credit
This vulnerability was discovered by: - XlabAI Team of Tencent Xuanwu Lab - Atuin Automated Vulnerability Discovery Engine
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 46.0.4"
},
"package": {
"ecosystem": "PyPI",
"name": "cryptography"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "46.0.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-26007"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-10T21:27:06Z",
"nvd_published_at": "2026-02-10T22:17:00Z",
"severity": "HIGH"
},
"details": "## Vulnerability Summary\n\nThe `public_key_from_numbers` (or `EllipticCurvePublicNumbers.public_key()`), `EllipticCurvePublicNumbers.public_key()`, `load_der_public_key()` and `load_pem_public_key()` functions do not verify that the point belongs to the expected prime-order subgroup of the curve.\n\nThis missing validation allows an attacker to provide a public key point `P` from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as `S = [victim_private_key]P` via ECDH, this leaks information about `victim_private_key mod (small_subgroup_order)`. For curves with cofactor \u003e 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it\u0027s easy to forge signatures on the small subgroup.\n\nOnly SECT curves are impacted by this.\n\n## Credit\n\nThis vulnerability was discovered by:\n- XlabAI Team of Tencent Xuanwu Lab\n- Atuin Automated Vulnerability Discovery Engine",
"id": "GHSA-r6ph-v2qm-q3c2",
"modified": "2026-02-11T14:14:19Z",
"published": "2026-02-10T21:27:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c"
},
{
"type": "PACKAGE",
"url": "https://github.com/pyca/cryptography"
},
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/releases/tag/46.0.5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/02/10/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
}
GHSA-R6WG-2V54-WV96
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.
{
"affected": [],
"aliases": [
"CVE-2020-23906"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-10T22:15:00Z",
"severity": "MODERATE"
},
"details": "FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.",
"id": "GHSA-r6wg-2v54-wv96",
"modified": "2022-05-24T19:20:12Z",
"published": "2022-05-24T19:20:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23906"
},
{
"type": "WEB",
"url": "https://trac.ffmpeg.org/ticket/8782"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R86X-H62P-FJ22
Vulnerability from github – Published: 2022-05-17 01:26 – Updated: 2022-05-17 01:26ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
{
"affected": [],
"aliases": [
"CVE-2014-2718"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-11-04T22:55:00Z",
"severity": "HIGH"
},
"details": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.",
"id": "GHSA-r86x-h62p-fj22",
"modified": "2022-05-17T01:26:20Z",
"published": "2022-05-17T01:26:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2718"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"type": "WEB",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"type": "WEB",
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/70791"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R9PQ-2W6R-9889
Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2024-04-04 02:45com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled computer, enabling MITM attacks.
{
"affected": [],
"aliases": [
"CVE-2019-20057"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-29T19:15:00Z",
"severity": "MODERATE"
},
"details": "com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled computer, enabling MITM attacks.",
"id": "GHSA-r9pq-2w6r-9889",
"modified": "2024-04-04T02:45:50Z",
"published": "2022-05-24T17:05:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20057"
},
{
"type": "WEB",
"url": "https://github.com/ProxymanApp/Proxyman/issues/364"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-111: JSON Hijacking (aka JavaScript Hijacking)
An attacker targets a system that uses JavaScript Object Notation (JSON) as a transport mechanism between the client and the server (common in Web 2.0 systems using AJAX) to steal possibly confidential information transmitted from the server back to the client inside the JSON object by taking advantage of the loophole in the browser's Same Origin Policy that does not prohibit JavaScript from one website to be included and executed in the context of another website.
CAPEC-141: Cache Poisoning
An attacker exploits the functionality of cache technologies to cause specific data to be cached that aids the attackers' objectives. This describes any attack whereby an attacker places incorrect or harmful material in cache. The targeted cache can be an application's cache (e.g. a web browser cache) or a public cache (e.g. a DNS or ARP cache). Until the cache is refreshed, most applications or clients will treat the corrupted cache value as valid. This can lead to a wide range of exploits including redirecting web browsers towards sites that install malware and repeatedly incorrect calculations based on the incorrect value.
CAPEC-142: DNS Cache Poisoning
A domain name server translates a domain name (such as www.example.com) into an IP address that Internet hosts use to contact Internet resources. An adversary modifies a public DNS cache to cause certain names to resolve to incorrect addresses that the adversary specifies. The result is that client applications that rely upon the targeted cache for domain name resolution will be directed not to the actual address of the specified domain name but to some other address. Adversaries can use this to herd clients to sites that install malware on the victim's computer or to masquerade as part of a Pharming attack.
CAPEC-148: Content Spoofing
An adversary modifies content to make it contain something other than what the original content producer intended while keeping the apparent source of the content unchanged. The term content spoofing is most often used to describe modification of web pages hosted by a target to display the adversary's content instead of the owner's content. However, any content can be spoofed, including the content of email messages, file transfers, or the content of other network communication protocols. Content can be modified at the source (e.g. modifying the source file for a web page) or in transit (e.g. intercepting and modifying a message between the sender and recipient). Usually, the adversary will attempt to hide the fact that the content has been modified, but in some cases, such as with web site defacement, this is not necessary. Content Spoofing can lead to malware exposure, financial fraud (if the content governs financial transactions), privacy violations, and other unwanted outcomes.
CAPEC-218: Spoofing of UDDI/ebXML Messages
An attacker spoofs a UDDI, ebXML, or similar message in order to impersonate a service provider in an e-business transaction. UDDI, ebXML, and similar standards are used to identify businesses in e-business transactions. Among other things, they identify a particular participant, WSDL information for SOAP transactions, and supported communication protocols, including security protocols. By spoofing one of these messages an attacker could impersonate a legitimate business in a transaction or could manipulate the protocols used between a client and business. This could result in disclosure of sensitive information, loss of message integrity, or even financial fraud.
CAPEC-384: Application API Message Manipulation via Man-in-the-Middle
An attacker manipulates either egress or ingress data from a client within an application framework in order to change the content of messages. Performing this attack can allow the attacker to gain unauthorized privileges within the application, or conduct attacks such as phishing, deceptive strategies to spread malware, or traditional web-application attacks. The techniques require use of specialized software that allow the attacker to perform adversary-in-the-middle (CAPEC-94) communications between the web browser and the remote system. Despite the use of AiTH software, the attack is actually directed at the server, as the client is one node in a series of content brokers that pass information along to the application framework. Additionally, it is not true "Adversary-in-the-Middle" attack at the network layer, but an application-layer attack the root cause of which is the master applications trust in the integrity of code supplied by the client.
CAPEC-385: Transaction or Event Tampering via Application API Manipulation
An attacker hosts or joins an event or transaction within an application framework in order to change the content of messages or items that are being exchanged. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that look authentic but may contain deceptive links, substitute one item or another, spoof an existing item and conduct a false exchange, or otherwise change the amounts or identity of what is being exchanged. The techniques require use of specialized software that allow the attacker to man-in-the-middle communications between the web browser and the remote system in order to change the content of various application elements. Often, items exchanged in game can be monetized via sales for coin, virtual dollars, etc. The purpose of the attack is for the attack to scam the victim by trapping the data packets involved the exchange and altering the integrity of the transfer process.
CAPEC-386: Application API Navigation Remapping
An attacker manipulates either egress or ingress data from a client within an application framework in order to change the destination and/or content of links/buttons displayed to a user within API messages. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that looks authentic but contains links/buttons that point to an attacker controlled destination. Some applications make navigation remapping more difficult to detect because the actual HREF values of images, profile elements, and links/buttons are masked. One example would be to place an image in a user's photo gallery that when clicked upon redirected the user to an off-site location. Also, traditional web vulnerabilities (such as CSRF) can be constructed with remapped buttons or links. In some cases navigation remapping can be used for Phishing attacks or even means to artificially boost the page view, user site reputation, or click-fraud.
CAPEC-387: Navigation Remapping To Propagate Malicious Content
An adversary manipulates either egress or ingress data from a client within an application framework in order to change the content of messages and thereby circumvent the expected application logic.
CAPEC-388: Application API Button Hijacking
An attacker manipulates either egress or ingress data from a client within an application framework in order to change the destination and/or content of buttons displayed to a user within API messages. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that looks authentic but contains buttons that point to an attacker controlled destination.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.
CAPEC-701: Browser in the Middle (BiTM)
An adversary exploits the inherent functionalities of a web browser, in order to establish an unnoticed remote desktop connection in the victim's browser to the adversary's system. The adversary must deploy a web client with a remote desktop session that the victim can access.