VYPR

rpm package

opensuse/python-pysaml2&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-pysaml2&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2021-21238Jan 21, 2021
    affected < 7.4.2-1.2fixed 7.4.2-1.2

    PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Sig

  • CVE-2021-21239Jan 21, 2021
    affected < 7.4.2-1.2fixed 7.4.2-1.2

    PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted

  • CVE-2020-5390Jan 13, 2020
    affected < 7.4.2-1.2fixed 7.4.2-1.2

    PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus