Moov · Signedxml · CVE-2023-34205
**Name of the Vulnerable Software and Affected Versions**
Moov signedxml versions 1.0.0 and earlier
**Description**
Parsing the raw (uncanonicalized) XML and parsing its canonicalized form can produce different results. An attacker can exploit this difference to bypass signature validation through a Signature Wrapping attack. To avoid the issue, code that relies on signature validation should parse only the canonicalized form of the validated document.
**Recommendations**
For Moov signedxml versions 1.0.0 and earlier, update to version 1.1.0 or later, where the vulnerable Validator.Validate function has been removed.
As a temporary workaround, consider using only the Validator.ValidateReferences function and parsing the canonical form it returns, avoiding the use of the Validator.Validate function altogether.
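The workaround above, sketched as an added example using only the Go standard library (not code from the advisory or from the signedxml project): business data is decoded solely from the validated canonical strings, never from the raw input. The `Payment` type, both helper functions, the sample XML, and the assumption that Validator.ValidateReferences hands back the validated canonical form as a slice of strings are all hypothetical or constructed for illustration.

```go
package main

import (
	"encoding/xml"
	"errors"
	"fmt"
)

// Payment is a hypothetical signed business object, not a signedxml type.
type Payment struct {
	XMLName xml.Name `xml:"Payment"`
	ID      string   `xml:"Id,attr"`
	Amount  string   `xml:"Amount"`
}

// Constructed samples: a canonical fragment as returned after validation, and
// a raw input whose Payment element is not the one that was validated.
const (
	validatedFragment = `<Payment Id="p1"><Amount>10</Amount></Payment>`
	rawDocument       = `<Envelope><Payment Id="p1"><Amount>9999</Amount></Payment></Envelope>`
)

// paymentFromValidated reads business data only from validated fragments and
// fails closed unless exactly one of them has a <Payment> root.
func paymentFromValidated(validated []string) (*Payment, error) {
	var found []Payment
	for _, frag := range validated {
		var p Payment
		if xml.Unmarshal([]byte(frag), &p) == nil { // skip anything that is not a well-formed <Payment>
			found = append(found, p)
		}
	}
	if len(found) != 1 {
		return nil, errors.New("expected exactly one validated Payment")
	}
	return &found[0], nil
}

// amountFromRaw is the pattern to avoid: it reads the unvalidated input.
func amountFromRaw(raw string) (string, error) {
	var env struct{ Payment Payment `xml:"Payment"` }
	err := xml.Unmarshal([]byte(raw), &env)
	return env.Payment.Amount, err
}

func main() {
	p, err := paymentFromValidated([]string{validatedFragment})
	raw, _ := amountFromRaw(rawDocument)
	fmt.Println(p, err, raw) // validated value vs. what a raw parse would read
}
```

In real use, the slice passed to `paymentFromValidated` would be the return value of the validator rather than a constant.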