Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC in pypi/aries-cloudagent

GHSA-97x9-59rv-q5pm, CVE-2024-21669

# Impact

When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs (LDP-VCs), the result of verifying the presentation `document.proof` was not factored into the final `verified` value (`true`/`false`) on the presentation record.

Below is an example result from verifying a JSON-LD Presentation where there is an error noted in the processing (mismatched challenge), but the overall result is incorrectly `"verified": true`:

```json
```

# Impact

Note the final severity is dependent on the environment fontTools is running in.

```python
)
svg_table = newTable("SVG ")
svg_table.docList =
fb.font["SVG "] = svg_table
fb.font.save('poc-payload.ttf')

if __name__ == '__main__':
    main()
```

2. Subset the font with an affected version of fontTools (we tested on `fonttools=4.42.1` and `fonttools=4.28.2`) using the following flags, which just ensure the malicious glyph is mapped by the font and not discarded in the subsetting process:

```shell
pyftsubset poc-payload.ttf --output-file="" --unicodes="*" --ignore-missing-glyphs
```

3. Read the parsed SVG table in the subsetted font:

```shell
ttx -t SVG & cat
```

The parsed table includes the contents of the `/etc/passwd` file.