2 matches found
CVE-2019-18633
CVE-2019-18633 concerns the European Commission eIDAS-Node Integration Package. Connected sources confirm a vulnerability in Missing Certificate Validation where a certain ExplicitKeyTrustEvaluator return value is not checked. The issue is explicitly tied to the package versions “before 2.3.1,” a...
CVE-2019-18632
The CVE-2019-18632 entry concerns the European Commission eIDAS-Node Integration Package prior to 2.3.1. Affected component: the eIDAS-Node integration package that handles SAML responses. Root cause: signing a manipulated SAML response with a forged certificate enables certificate faking. Impact...