CVE-2020-24439

LOW Year: 2020
CVSS v3 Score
2.8
Low
CVSS v2 Score
1.2
Low
Weakness Type
CWE-347
View all →

Vulnerability Description

Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process.

Related Vulnerabilities

CVE-2018-1842

LOW
CVSS:3.6(Low)

IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.

CWE-3472018

CVE-2011-3374

LOW
CVSS:3.7(Low)

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.

CWE-3472011

CVE-2025-31335

MEDIUM
CVSS:4.0(Medium)

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).

CWE-3472025

CVE-2019-10136

MEDIUM
CVSS:4.3(Medium)

It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. An attacker with a valid, but expired, authenticated set of headers could move some digits around,...

CWE-3472019

CVE-2020-36843

MEDIUM
CVSS:4.3(Medium)

The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Atta...

CWE-3472020