A vulnerability (CVE-2024-32962) has been identified in the xml-crypto JavaScript library, which is used as a dependency for 402 projects and downloaded from the NPM catalog about a million times a week.It has been assigned the maximum level of danger (10 out of 10). The library provides functions for encryption and verification by digital signature of XML documents. The vulnerability allows an attacker to authenticate a dummy document, which in the default configuration will be successfully verified by the library, despite the fact that it is signed with the wrong key that is specified for verifying signatures. The problem has been occurring since xml-crypto version 4.0.0 and was fixed without too much publicity in the January 6.0.0 release.
The vulnerability is caused by the fact that in the default configuration, the library does not authorize the signature creator, but only checks the correctness of the signature itself. In particular, the library trusts any certificate placed in a signed document in the KeyInfo XML element, even if the settings specify using a specific certificate for verifying digital signatures. Thus, to successfully verify a modified document, an attacker only needs to replace the original digital signature with the signature generated by their private key, and place the certificate (public key) associated with this private key in the KeyInfo element.
The vulnerability is caused by the fact that in the default configuration, the library does not authorize the signature creator, but only checks the correctness of the signature itself. In particular, the library trusts any certificate placed in a signed document in the KeyInfo XML element, even if the settings specify using a specific certificate for verifying digital signatures. Thus, to successfully verify a modified document, an attacker only needs to replace the original digital signature with the signature generated by their private key, and place the certificate (public key) associated with this private key in the KeyInfo element.
