8 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-21238
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability...
CVE-2021-21238
A verification flaw was found in python-pysaml2, where it did not validate signed SAML documents against an XML schema. Because the flaw allowed invalid XML documents to be processed, a network attacker could exploit this flaw by tricking pysaml2 with a wrapped signature. Mitigation Mitigation fo...
CVE-2021-21238
creationtimestamp| type| source ---|---|--- 2021-01-21 18:28:14+00:00| seen| https://t.me/cibsecurity/22495 2024-04-13 13:18:43+00:00| seen| https://t.me/arpsyndicate/4659...
django-allauth-saml2 (>=0.1.0 <=0.2.0), django-saml2-auth (>=1.0.2 <=1.1.4) +8 more potentially affected by CVE-2021-21238 via pysaml2 (>=4.0.2 <=5.0.0)
pysaml2 PYPI version =4.0.2, =0.1.0, =1.0.2, =1.0.0, =0.16.11, =1.1.1, =12.0.2, =0.100.2, =0.6.1, =3.4.8 Source cves: CVE-2021-21238 Source advisory: OSV:PYSEC-2021-48...
UBUNTU-CVE-2021-21238
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping...
CVE-2021-21238
PySAML2 (Python-based SAML 2.0 implementation) is affected by an improper verification of cryptographic signatures in versions prior to 6.5.0. The flaw is a variant of XML Signature wrapping: PySAML2 did not validate the SAML document against an XML schema, allowing an invalid XML document with a...
django-allauth-saml2 (>=0.1.0 <=0.2.0), django-saml2-auth (>=1.0.2 <=1.1.4) +8 more potentially affected by CVE-2021-21238 via pysaml2 (>=4.0.2 <=5.0.0)
pysaml2 PYPI version =4.0.2, =0.1.0, =1.0.2, =1.0.0, =0.16.11, =1.1.1, =12.0.2, =0.100.2, =0.6.1, =3.4.8 Source cves: CVE-2021-21238 Source advisory: OSV:GHSA-F4G9-H89H-JGV9...
pysaml2 -- multiple vulnerabilities
pysaml2 Releases: Fix processing of invalid SAML XML documents - CVE-2021-21238 Fix unspecified xmlsec1 key-type preference - CVE-2021-21239...