漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate which signature was valid, which could potentially lead to confusion. For example, users of the library might mistakenly read protected header values from an attached signature that was different from the one originally validated.
漏洞信息
N/A
漏洞
N/A
漏洞
go-jose 安全漏洞
漏洞信息
go-jose是一种用于实现JavaScript对象签名和加密的标准方法。 go-jose 1.0.4之前的版本中存在安全漏洞,该漏洞源于程序没有验证签名的有效性。攻击者可利用该漏洞读取未授权的数据。
漏洞信息
N/A
漏洞
N/A