CoreWCF: WS-Security Reference DigestMethod Algorithm-Suite Bypass
Package
Affected versions
< 1.8.1
>= 1.9.0, < 1.9.1
Patched versions
1.8.1
1.9.1
Description
Published to the GitHub Advisory Database
Jun 19, 2026
Reviewed
Jun 19, 2026
Last updated
Jun 19, 2026
Impact
CoreWCF’s WS-Security 1.0 receive pipeline validates the
SignatureMethodof an incomingds:SignedInfoagainst the configuredSecurityAlgorithmSuite, but does not validate theDigestMethoddeclared on eachds:Reference. As a result, a sender can populateds:SignedInfowithSignatureMethodvalues the suite accepts (for example rsa-sha256 under Basic256Sha256) while declaring a per-referenceDigestMethodthe suite rejects (for example http://www.w3.org/2000/09/xmldsig#sha1). The signature is then verified where it permits SHA-1 digests, and the message is accepted.Patches
Fixed in CoreWCF v1.8.1 and v1.9.1
Workarounds
None
References