VYPR

rpm package

opensuse/xmltooling&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/xmltooling&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2019-9628HigApr 11, 2019
    affected < 3.2.0-1.2fixed 3.2.0-1.2

    The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propaga

  • CVE-2018-0489MedFeb 27, 2018
    affected < 3.2.0-1.2fixed 3.2.0-1.2

    Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML da

  • CVE-2018-0486MedJan 13, 2018
    affected < 3.2.0-1.2fixed 3.2.0-1.2

    Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a craf