10 matches found
EUVD-2022-2804
Malicious code in bioql PyPI...
SUSE CVE-2019-9628
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...
GHSA-6HVF-XVWM-VRW4 XMLTooling Library Incorrectly Handles Some Exceptions
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...
The vulnerability of XMLTooling’s XML file syntax analysis library lies in its improper handling of exceptions for incorrect XML declarations. This allows a malicious actor to trigger a service failure using a specially crafted XML structure.
The vulnerability of the XML parsing library XMLTooling is related to improper handling of exceptions for incorrect XML declarations. Exploiting this vulnerability can allow a malicious actor to cause service failures by using a specially crafted XML structure...
OPENSUSE-SU-2019:1235-1 Security update for xmltooling
This update for xmltooling fixes the following issues: Security issue fixed: - CVE-2019-9628: Fixed an improper handling of exception in XMLTooling library which could result in denial of service against the application using XMLTooling bsc1129537. This update was imported from the...
CVE-2019-9628
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...
CVE-2019-9628
The CVE-2019-9628 entry concerns the XMLTooling library (versions prior to V3.0.4) bundled with OpenSAML and Shibboleth SP. A parsing issue in the XML declaration causes an exception type that is not properly handled, propagating an unexpected exception. OpenSUSE/SUSE advisories explicitly link C...
CVE-2019-9628
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...
Authorization Bypass
saml-client is vulnerable to authorization bypass attacks. The library uses a vulnerable version of the of the Shibboleth xmltooling library, causing text after a comment being lost before signing the SAML Message. This allows a malicious user to modify a SAML message without invalidating the...
DoS против библиотеки XMLTooling
Unhandled exception on processing XML with invalid schema...