Yuri Goltsev

**Name of the Vulnerable Software and Affected Versions** PySAML2 versions prior to 5.0.0 **Description** The issue is related to incorrect verification of cryptographic signatures in SAML2 documents, allowing a remote attacker to bypass signature checks and access protected information. This is due to the library being affected by XML Signature Wrapping (XSW), where the signature information and the node/object that is signed can be in different places, causing the signature verification to succeed but using the wrong data. This specifically affects the verification of assertions that have been signed. **Recommendations** For PySAML2 versions prior to 5.0.0, update to version 5.0.0 or later to resolve the issue. As a temporary workaround, consider disabling the use of SAML2 assertions until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.