VYPR
Vendor

Pysaml2 Project

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2016-10127CriMar 3, 2017
    risk 0.52cvss 9.0epss 0.02

    PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.

  • CVE-2016-10149HigMar 24, 2017
    risk 0.42cvss 7.5epss 0.04

    XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.

  • CVE-2017-1000246MedNov 17, 2017
    risk 0.35cvss 5.3epss 0.01

    Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.