rpm package
suse/xmltooling&distro=SUSE Linux Enterprise Server 12 SP2
pkg:rpm/suse/xmltooling&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-0489 | Med | 6.5 | < 1.5.6-3.6.1 | 1.5.6-3.6.1 | Feb 27, 2018 | Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML da | |
| CVE-2018-0486 | Med | 6.5 | < 1.5.6-3.3.2 | 1.5.6-3.3.2 | Jan 13, 2018 | Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a craf |
- affected < 1.5.6-3.6.1fixed 1.5.6-3.6.1
Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML da
- affected < 1.5.6-3.3.2fixed 1.5.6-3.3.2
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a craf