CVE-2025-66578

MEDIUM6.0EPSS 0.03%

robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation

Published: 12/8/2025Modified: 12/9/2025

Description

### Summary An authentication bypass vulnerability exists due to a flaw in the libxml2 canonicalization process, which is used by [xmlseclibs](https://github.com/robrichards/xmlseclibs) during document transformation. This weakness allows an attacker to generate a valid signature once and reuse it indefinitely. In practice, a signature created during a previous interaction - or through a misconfigured authentication flow - can be replayed to bypass authentication checks. ### Details When libxml2’s canonicalization is invoked on an invalid XML input, it may return an empty string rather than a canonicalized node. [xmlseclibs](https://github.com/robrichards/xmlseclibs) then proceeds to compute the DigestValue over this empty string, treating it as if canonicalization succeeded. https://github.com/robrichards/xmlseclibs/blob/f4131320c6dcd460f1b0c67f16f8bf24ce4b5c3e/src/XMLSecurityDSig.php#L296 ### Impact Digest bypass: By crafting input that causes canonicalization to yield an empty string, the attacker can manipulate validation to pass incorrectly. Signature replay on empty canonical form: If an empty string has been signed once (e.g., in a prior interaction or via a misconfigured flow), that signature can potentially be replayed to bypass authentication. ### Suggested remediation Treat canonicalization failures (exceptions or nil/empty outputs) as fatal and abort validation. Add explicit checks: reject when canonicalize returns nil/empty or raise

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1MEDIUM6.0CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

References (5)