Identitypython Pysaml2 vulnerabilities
2 known vulnerabilities affecting identitypython/pysaml2.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-21239MEDIUMCVSS 6.5fixed in 6.5.02021-01-21
CVE-2021-21239 [MEDIUM] CWE-347 CVE-2021-21239: PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an impr
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does not ensure that a signed SAML document is correctly sign
nvd
CVE-2021-21238MEDIUMCVSS 6.5fixed in 6.5.02021-01-21
CVE-2021-21238 [MEDIUM] CWE-347 CVE-2021-21238: PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an impr
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping because it did not validate the SAML document against a
nvd