When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (signxml.XMLVerifier.verify(require_x509=False, hmac_key=...
), prior versions of SignXML are vulnerable to a potential algorithm confusion attack. Unless the user explicitly limits the expected signature algorithms using the signxml.XMLVerifier.verify(expect_config=...)
setting, an attacker may supply a signature unexpectedly signed with a key other than the provided HMAC key, using a different (asymmetric key) signature algorithm.
Starting with signxml 4.0.4, specifying hmac_key
causes the set of accepted signature algorithms to be restricted to HMAC only, if not already restricted by the user.
{ "nvd_published_at": "2025-06-02T17:15:40Z", "cwe_ids": [ "CWE-303" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2025-06-05T00:38:20Z" }