rpm package
suse/python-defusedxml&distro=SUSE OpenStack Cloud 6
pkg:rpm/suse/python-defusedxml&distro=SUSE%20OpenStack%20Cloud%206
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10149 | Hig | 7.5 | < 0.4.1-2.1 | 0.4.1-2.1 | Mar 24, 2017 | XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response. | |
| CVE-2016-10127 | Cri | 9.0 | < 0.4.1-2.1 | 0.4.1-2.1 | Mar 3, 2017 | PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. |
- affected < 0.4.1-2.1fixed 0.4.1-2.1
XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.
- affected < 0.4.1-2.1fixed 0.4.1-2.1
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.