7 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-10127
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. CVE-2016-10127 Note that Nessus relies on...
django-saml2-auth (>=1.0.2 <=1.1.4), django-saml2-auth-custom (>=1.0.0 <=1.0.4) +4 more potentially affected by CVE-2016-10127 via pysaml2 (>=4.0.2 <=4.4.0)
pysaml2 PYPI version =4.0.2, =1.0.2, =1.0.0, =12.0.2, =0.6.1, =3.4.8 Source cves: CVE-2016-10127 Source advisory: OSV:GHSA-M269-WJ6G-C459...
CVE-2016-10127
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response...
DEBIAN-CVE-2016-10127
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response...
CVE-2016-10127
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response...
Debian DSA-3759-1 : python-pysaml2 - security update
Matias P. Brutti discovered that python-pysaml2, a Python implementation of the Security Assertion Markup Language 2.0, did not correctly sanitize the XML messages it handled. This allowed a remote attacker to perform XML External Entity attacks, leading to a wide range of exploits...
[SECURITY] [DSA 3759-1] python-pysaml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3759-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 12, 2017 https://www.debian.org/security/faq -...