4 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-1000246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data...
CVE-2017-1000433
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...
Default credentials
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...
CVE-2017-1000246
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data...