CNNVD-202511-1902 Information

CNNVD ID

CNNVD-202511-1902

Related CVE

CVE-2025-65083

• CNNVD Published: 2025-11-17

Description (Chinese)

GoSign Desktop是立陶宛GoSign公司的一个电子文件签署软件。 GoSign Desktop 2.4.1及之前版本存在信任管理问题漏洞，该漏洞源于配置代理服务器时禁用TLS证书验证，可能导致完整性保护被绕过。

Description (English)

GoSign Desktop is an electronic document signing software for GoSign, Lithuania. GoSign Desktop 2.4.1 and previous versions contain a trust management gap, which stems from the fact that TLS certificates are disabled when configured on the proxy server and may result in integrity protection being bypassed.

Hazard Level

Critical

Vulnerability Type

信任管理问题

Affected Vendor

GoSign

Published

2025-11-17

Last Modified

2026-02-24

References

https://securityaffairs.com/184672/hacking/multiple-vulnerabilities-in-gosign-desktop-lead-to-remote-code-execution.html https://www.firma.infocert.it/prodotti/gosign https://access.redhat.com/security/cve/cve-2025-65083

Patch

https://www.firma.infocert.it/prodotti/gosign