- Home
- CVEs with nessus.description==OpenSAML developer reports :
The Shibboleth software relies on the OpenSAML libraries to perform verification of signed XML messages such as attribute queries or SAML assertions. Both the Java and C versions are vulnerable to a so-called 'wrapping attack' that allows a remote, unauthenticated attacker to craft specially formed messages that can be successfully verified, but contain arbitrary content.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top