Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2021/03/01 12:0 a.m.108 views

Debian DLA-2577-1 : python-pysaml2 security update

Several issues have been found in python-pysaml2, a pure python implementation of SAML Version 2 Standard. CVE-2017-1000433 pysaml2 accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password. CVE-2021-21239 pysaml2 ha...

8.1CVSS6.9AI score0.0252EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2021/02/27 12:0 a.m.18 views

Debian: Security Advisory (DLA-2577-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.0252EPSS
Exploits3References4
vulnersOsv
vulnersOsv
added 2018/07/13 4:1 p.m.6 views

django-saml2-auth (>=1.0.2 <=1.1.4), django-saml2-auth-custom (>=1.0.0 <=1.0.4) +4 more potentially affected by CVE-2017-1000433 via pysaml2 (>=4.0.2 <=4.4.0)

pysaml2 PYPI version =4.0.2, =1.0.2, =1.0.0, =12.0.2, =0.6.1, =3.4.8 Source cves: CVE-2017-1000433 Source advisory: OSV:GHSA-924M-4PMX-C67H...

8.1CVSS6.9AI score0.0252EPSS
Exploits0
Debian
Debian
added 2018/07/01 2:51 p.m.21 views

[SECURITY] [DLA 1410-1] python-pysaml2 security update

Package : python-pysaml2 Version : 2.0.0-1+deb8u2 CVE ID : CVE-2017-1000433 Debian Bug : 886423 Pysaml2, a Python implementation of the Security Assertion Markup Language, would accept any password when run with Python optimizations enabled. This allows attackers to log in as any user without...

8.1CVSS8.1AI score0.0252EPSS
Exploits0
OSV
OSV
added 2018/05/09 2:19 p.m.4 views

SUSE-SU-2018:1194-1 Security update for python-pysaml2

This update for python-pysaml2 fixes the following issues: - CVE-2017-1000433: When python optimizations are enabled, any user is able to login without knowing their password. bsc1074662...

8.1CVSS8AI score0.0252EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2018/01/02 11:29 p.m.5 views

django-saml2-auth (>=1.0.2 <=1.1.4), django-saml2-auth-custom (>=1.0.0 <=1.0.4) +4 more potentially affected by CVE-2017-1000433 via pysaml2 (>=4.0.2 <=4.4.0)

pysaml2 PYPI version =4.0.2, =1.0.2, =1.0.0, =12.0.2, =0.6.1, =3.4.8 Source cves: CVE-2017-1000433 Source advisory: OSV:PYSEC-2018-48...

8.1CVSS6.9AI score0.0252EPSS
Exploits0
OSV
OSV
added 2018/01/02 11:29 p.m.2 views

DEBIAN-CVE-2017-1000433

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...

8.1CVSS7AI score0.0252EPSS
Exploits0References1
CVE
CVE
added 2018/01/02 11:0 p.m.127 views

CVE-2017-1000433

Summary: CVE-2017-1000433 affects PySAML2. Versions 4.4.0 and earlier allow login without a password when Python optimizations are enabled, enabling attacker impersonation of any user. The issue is widely reported across distros and advisories (Debian DLA-2577-1; DLA-1410-1; Ubuntu USN-3520-1; Ge...

8.1CVSS7.8AI score0.0252EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/01/02 11:0 p.m.20 views

CVE-2017-1000433

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...

8AI score0.0252EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2018/01/02 11:0 p.m.21 views

CVE-2017-1000433

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...

8.1CVSS7.2AI score0.0252EPSS
Exploits0
Rows per page
Query Builder