rpm package
suse/python-defusedxml&distro=SUSE Enterprise Storage 6
pkg:rpm/suse/python-defusedxml&distro=SUSE%20Enterprise%20Storage%206
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11427 | — | < 0.6.0-1.5.1 | 0.6.0-1.5.1 | Apr 17, 2019 | OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially byp |
- CVE-2017-11427Apr 17, 2019affected < 0.6.0-1.5.1fixed 0.6.0-1.5.1
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially byp