VIR Vulnerability Intelligence Relay

Package impact

python PyPI / pysaml2

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2016-10149 high 7.5 7.5 9y ago XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response. susedebianpython
CVE-2017-1000246 medium 5.3 5.3 9y ago Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data. susedebianpython