SUSE CVE-2016-7420

Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...

PT-2020-5164 · Pysaml2 +2 · Pysaml2 +2

Name of the Vulnerable Software and Affected Versions: PySAML2 versions prior to 5.0.0 Description: The issue is related to incorrect verification of cryptographic signatures in SAML2 documents, allowing a remote attacker to bypass signature checks and access protected information. This is due to...