Filtered by vendor Onelogin Subscriptions
Filtered by product Pythonsaml Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-11427 1 Onelogin 1 Pythonsaml 2024-11-21 N/A
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.