PT-2017-7752 · Pysaml2+1 · Pysaml2+1

Fruechel

Publicado

2017-01-12

Atualizado

2022-05-17

CVE-2016-10127

CVSS v4.0

9.4

Crítica

Vetor

AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions PySAML2 (affected versions not specified)

Description The issue allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XXE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2016-10127

DSA-3759-1

GHSA-M269-WJ6G-C459

PYSEC-2017-67

SUSE-SU-2017:0569-1

SUSE-SU-2019:2671-1

SUSE-SU-2019:2867-1

Debian

Pysaml2