Gttds

**Name of the Vulnerable Software and Affected Versions** XML-Sig versions 0.27 through 0.67 **Description** The Perl module XML-Sig does not correctly validate XML files when signatures are absent. An attacker can remove a signature from an XML document, causing the verification check to pass incorrectly. An unsigned XML file should normally return an error, but the affected versions return a successful validation result when no signature is present. **Recommendations** Update to a version of XML-Sig greater than 0.67.