AVG-1487 log

Package python-pysaml2
Status Fixed
Severity Critical
Type signature forgery
Affected 6.4.1-1
Fixed 6.5.1-1
Current 7.5.0-3 [extra]
Ticket None
Created Thu Jan 21 18:08:16 2021
Issue Severity Remote Type Description
CVE-2021-21239 Critical No Signature forgery
PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1...
CVE-2021-21238 High No Signature forgery
PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents...