Skip to main content

GHSA-479M-364C-43VC

CVE Details

Visit the official vulnerability details page for GHSA-479M-364C-43VC to learn more.

Initial Publication

03/18/2026

Last Update

03/18/2026

Third Party Dependency

github.com/russellhaering/goxmldsig

NIST CVE Summary

validateSignature Loop Variable Capture Signature Bypass in goxmldsig

CVE Severity

7.5

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

fixed

Affected Products & Versions

VersionPaletteAIPaletteAI VerteX
1.1.0-rc.0⚠️ Impacted⚠️ Impacted
1.0.2⚠️ Impacted⚠️ Impacted

Revision History

No revisions available.