- Home
- CVEs with nessus.description==OpenSAML developer reports :
The Shibboleth software relies on the OpenSAML libraries to perform
verification of signed XML messages such as attribute queries or SAML
assertions. Both the Java and C versions are vulnerable to a
so-called 'wrapping attack' that allows a remote, unauthenticated
attacker to craft specially formed messages that can be successfully
verified, but contain arbitrary content.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top