cvelistv5 - CVE-2017-11427

CVE-2017-11427 (GCVE-0-2017-11427)

Vulnerability from cvelistv5 – Published: 2019-04-17 13:59 – Updated: 2024-08-05 18:12

Summary

OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.

Severity ?

7.7 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-287 - Improper Authentication

Assigner

duo

References

URL

	Vendor	Product	Version
	OneLogin	PythonSAML	Affected: unspecified , < 2.3.0 (custom)

OPENSUSE-SU-2024:11262-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

python36-python3-saml-1.11.0-1.2 on GA media

Notes

Title of the patch

python36-python3-saml-1.11.0-1.2 on GA media

Description of the patch

These are all security issues fixed in the python36-python3-saml-1.11.0-1.2 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-11262

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "python36-python3-saml-1.11.0-1.2 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the python36-python3-saml-1.11.0-1.2 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11262",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11262-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11427 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11427/"
      }
    ],
    "title": "python36-python3-saml-1.11.0-1.2 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11262-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python36-python3-saml-1.11.0-1.2.aarch64",
                "product": {
                  "name": "python36-python3-saml-1.11.0-1.2.aarch64",
                  "product_id": "python36-python3-saml-1.11.0-1.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python38-python3-saml-1.11.0-1.2.aarch64",
                "product": {
                  "name": "python38-python3-saml-1.11.0-1.2.aarch64",
                  "product_id": "python38-python3-saml-1.11.0-1.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python39-python3-saml-1.11.0-1.2.aarch64",
                "product": {
                  "name": "python39-python3-saml-1.11.0-1.2.aarch64",
                  "product_id": "python39-python3-saml-1.11.0-1.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python36-python3-saml-1.11.0-1.2.ppc64le",
                "product": {
                  "name": "python36-python3-saml-1.11.0-1.2.ppc64le",
                  "product_id": "python36-python3-saml-1.11.0-1.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "python38-python3-saml-1.11.0-1.2.ppc64le",
                "product": {
                  "name": "python38-python3-saml-1.11.0-1.2.ppc64le",
                  "product_id": "python38-python3-saml-1.11.0-1.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "python39-python3-saml-1.11.0-1.2.ppc64le",
                "product": {
                  "name": "python39-python3-saml-1.11.0-1.2.ppc64le",
                  "product_id": "python39-python3-saml-1.11.0-1.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python36-python3-saml-1.11.0-1.2.s390x",
                "product": {
                  "name": "python36-python3-saml-1.11.0-1.2.s390x",
                  "product_id": "python36-python3-saml-1.11.0-1.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python38-python3-saml-1.11.0-1.2.s390x",
                "product": {
                  "name": "python38-python3-saml-1.11.0-1.2.s390x",
                  "product_id": "python38-python3-saml-1.11.0-1.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python39-python3-saml-1.11.0-1.2.s390x",
                "product": {
                  "name": "python39-python3-saml-1.11.0-1.2.s390x",
                  "product_id": "python39-python3-saml-1.11.0-1.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python36-python3-saml-1.11.0-1.2.x86_64",
                "product": {
                  "name": "python36-python3-saml-1.11.0-1.2.x86_64",
                  "product_id": "python36-python3-saml-1.11.0-1.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python38-python3-saml-1.11.0-1.2.x86_64",
                "product": {
                  "name": "python38-python3-saml-1.11.0-1.2.x86_64",
                  "product_id": "python38-python3-saml-1.11.0-1.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python39-python3-saml-1.11.0-1.2.x86_64",
                "product": {
                  "name": "python39-python3-saml-1.11.0-1.2.x86_64",
                  "product_id": "python39-python3-saml-1.11.0-1.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python36-python3-saml-1.11.0-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.aarch64"
        },
        "product_reference": "python36-python3-saml-1.11.0-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python36-python3-saml-1.11.0-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.ppc64le"
        },
        "product_reference": "python36-python3-saml-1.11.0-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python36-python3-saml-1.11.0-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.s390x"
        },
        "product_reference": "python36-python3-saml-1.11.0-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python36-python3-saml-1.11.0-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.x86_64"
        },
        "product_reference": "python36-python3-saml-1.11.0-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python38-python3-saml-1.11.0-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.aarch64"
        },
        "product_reference": "python38-python3-saml-1.11.0-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python38-python3-saml-1.11.0-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.ppc64le"
        },
        "product_reference": "python38-python3-saml-1.11.0-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python38-python3-saml-1.11.0-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.s390x"
        },
        "product_reference": "python38-python3-saml-1.11.0-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python38-python3-saml-1.11.0-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.x86_64"
        },
        "product_reference": "python38-python3-saml-1.11.0-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python39-python3-saml-1.11.0-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.aarch64"
        },
        "product_reference": "python39-python3-saml-1.11.0-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python39-python3-saml-1.11.0-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.ppc64le"
        },
        "product_reference": "python39-python3-saml-1.11.0-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python39-python3-saml-1.11.0-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.s390x"
        },
        "product_reference": "python39-python3-saml-1.11.0-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python39-python3-saml-1.11.0-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.x86_64"
        },
        "product_reference": "python39-python3-saml-1.11.0-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-11427",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11427"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.aarch64",
          "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.ppc64le",
          "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.s390x",
          "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.x86_64",
          "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.aarch64",
          "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.ppc64le",
          "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.s390x",
          "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.x86_64",
          "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.aarch64",
          "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.ppc64le",
          "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.s390x",
          "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11427",
          "url": "https://www.suse.com/security/cve/CVE-2017-11427"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180767 for CVE-2017-11427",
          "url": "https://bugzilla.suse.com/1180767"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.aarch64",
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.ppc64le",
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.s390x",
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.x86_64",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.aarch64",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.ppc64le",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.s390x",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.x86_64",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.aarch64",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.ppc64le",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.s390x",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.aarch64",
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.ppc64le",
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.s390x",
            "openSUSE Tumbleweed:python36-python3-saml-1.11.0-1.2.x86_64",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.aarch64",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.ppc64le",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.s390x",
            "openSUSE Tumbleweed:python38-python3-saml-1.11.0-1.2.x86_64",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.aarch64",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.ppc64le",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.s390x",
            "openSUSE Tumbleweed:python39-python3-saml-1.11.0-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2017-11427"
    }
  ]
}

OPENSUSE-SU-2024:14159-1

Vulnerability from csaf_opensuse - Published: 2024-07-12 00:00 - Updated: 2024-07-12 00:00

Summary

python310-python3-saml-1.15.0-2.3 on GA media

Notes

Title of the patch

python310-python3-saml-1.15.0-2.3 on GA media

Description of the patch

These are all security issues fixed in the python310-python3-saml-1.15.0-2.3 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-14159

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "python310-python3-saml-1.15.0-2.3 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the python310-python3-saml-1.15.0-2.3 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14159",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14159-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11427 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11427/"
      }
    ],
    "title": "python310-python3-saml-1.15.0-2.3 on GA media",
    "tracking": {
      "current_release_date": "2024-07-12T00:00:00Z",
      "generator": {
        "date": "2024-07-12T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14159-1",
      "initial_release_date": "2024-07-12T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-07-12T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python310-python3-saml-1.15.0-2.3.aarch64",
                "product": {
                  "name": "python310-python3-saml-1.15.0-2.3.aarch64",
                  "product_id": "python310-python3-saml-1.15.0-2.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-python3-saml-1.15.0-2.3.aarch64",
                "product": {
                  "name": "python311-python3-saml-1.15.0-2.3.aarch64",
                  "product_id": "python311-python3-saml-1.15.0-2.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python312-python3-saml-1.15.0-2.3.aarch64",
                "product": {
                  "name": "python312-python3-saml-1.15.0-2.3.aarch64",
                  "product_id": "python312-python3-saml-1.15.0-2.3.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python310-python3-saml-1.15.0-2.3.ppc64le",
                "product": {
                  "name": "python310-python3-saml-1.15.0-2.3.ppc64le",
                  "product_id": "python310-python3-saml-1.15.0-2.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "python311-python3-saml-1.15.0-2.3.ppc64le",
                "product": {
                  "name": "python311-python3-saml-1.15.0-2.3.ppc64le",
                  "product_id": "python311-python3-saml-1.15.0-2.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "python312-python3-saml-1.15.0-2.3.ppc64le",
                "product": {
                  "name": "python312-python3-saml-1.15.0-2.3.ppc64le",
                  "product_id": "python312-python3-saml-1.15.0-2.3.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python310-python3-saml-1.15.0-2.3.s390x",
                "product": {
                  "name": "python310-python3-saml-1.15.0-2.3.s390x",
                  "product_id": "python310-python3-saml-1.15.0-2.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-python3-saml-1.15.0-2.3.s390x",
                "product": {
                  "name": "python311-python3-saml-1.15.0-2.3.s390x",
                  "product_id": "python311-python3-saml-1.15.0-2.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python312-python3-saml-1.15.0-2.3.s390x",
                "product": {
                  "name": "python312-python3-saml-1.15.0-2.3.s390x",
                  "product_id": "python312-python3-saml-1.15.0-2.3.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python310-python3-saml-1.15.0-2.3.x86_64",
                "product": {
                  "name": "python310-python3-saml-1.15.0-2.3.x86_64",
                  "product_id": "python310-python3-saml-1.15.0-2.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-python3-saml-1.15.0-2.3.x86_64",
                "product": {
                  "name": "python311-python3-saml-1.15.0-2.3.x86_64",
                  "product_id": "python311-python3-saml-1.15.0-2.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python312-python3-saml-1.15.0-2.3.x86_64",
                "product": {
                  "name": "python312-python3-saml-1.15.0-2.3.x86_64",
                  "product_id": "python312-python3-saml-1.15.0-2.3.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python310-python3-saml-1.15.0-2.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.aarch64"
        },
        "product_reference": "python310-python3-saml-1.15.0-2.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python310-python3-saml-1.15.0-2.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.ppc64le"
        },
        "product_reference": "python310-python3-saml-1.15.0-2.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python310-python3-saml-1.15.0-2.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.s390x"
        },
        "product_reference": "python310-python3-saml-1.15.0-2.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python310-python3-saml-1.15.0-2.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.x86_64"
        },
        "product_reference": "python310-python3-saml-1.15.0-2.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-python3-saml-1.15.0-2.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.aarch64"
        },
        "product_reference": "python311-python3-saml-1.15.0-2.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-python3-saml-1.15.0-2.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.ppc64le"
        },
        "product_reference": "python311-python3-saml-1.15.0-2.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-python3-saml-1.15.0-2.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.s390x"
        },
        "product_reference": "python311-python3-saml-1.15.0-2.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-python3-saml-1.15.0-2.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.x86_64"
        },
        "product_reference": "python311-python3-saml-1.15.0-2.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python312-python3-saml-1.15.0-2.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.aarch64"
        },
        "product_reference": "python312-python3-saml-1.15.0-2.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python312-python3-saml-1.15.0-2.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.ppc64le"
        },
        "product_reference": "python312-python3-saml-1.15.0-2.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python312-python3-saml-1.15.0-2.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.s390x"
        },
        "product_reference": "python312-python3-saml-1.15.0-2.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python312-python3-saml-1.15.0-2.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.x86_64"
        },
        "product_reference": "python312-python3-saml-1.15.0-2.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-11427",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11427"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.aarch64",
          "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.ppc64le",
          "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.s390x",
          "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.x86_64",
          "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.aarch64",
          "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.ppc64le",
          "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.s390x",
          "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.x86_64",
          "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.aarch64",
          "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.ppc64le",
          "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.s390x",
          "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11427",
          "url": "https://www.suse.com/security/cve/CVE-2017-11427"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180767 for CVE-2017-11427",
          "url": "https://bugzilla.suse.com/1180767"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.aarch64",
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.ppc64le",
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.s390x",
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.x86_64",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.aarch64",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.ppc64le",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.s390x",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.x86_64",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.aarch64",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.ppc64le",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.s390x",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.aarch64",
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.ppc64le",
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.s390x",
            "openSUSE Tumbleweed:python310-python3-saml-1.15.0-2.3.x86_64",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.aarch64",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.ppc64le",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.s390x",
            "openSUSE Tumbleweed:python311-python3-saml-1.15.0-2.3.x86_64",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.aarch64",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.ppc64le",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.s390x",
            "openSUSE Tumbleweed:python312-python3-saml-1.15.0-2.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2017-11427"
    }
  ]
}

GSD-2017-11427

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-11427

Aliases

CVE-2017-11427

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-11427",
    "description": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",
    "id": "GSD-2017-11427",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-11427.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-11427"
      ],
      "details": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",
      "id": "GSD-2017-11427",
      "modified": "2023-12-13T01:21:15.541804Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@duo.com",
        "ID": "CVE-2017-11427",
        "STATE": "PUBLIC",
        "TITLE": " Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "PythonSAML",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_value": "2.3.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "OneLogin"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Kelby Ludwig of Duo Security"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-287: Improper Authentication"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
            "refsource": "MISC",
            "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
          },
          {
            "name": "https://www.kb.cert.org/vuls/id/475445",
            "refsource": "MISC",
            "url": "https://www.kb.cert.org/vuls/id/475445"
          }
        ]
      },
      "source": {
        "discovery": "INTERNAL"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.4.0",
          "affected_versions": "All versions before 2.4.0",
          "credit": "Kelby Ludwig (Duo Security), Garret Wassermann",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-287",
            "CWE-937"
          ],
          "date": "2019-10-09",
          "description": "Some XML DOM traversal and canonicalization APIs may be inconsistent in handling of comments within XML nodes. Incorrect use of these APIs by some SAML libraries results in incorrect parsing of the inner text of XML nodes such that any inner text after the comment is lost prior to cryptographically signing the SAML message. Text after the comment therefore has no impact on the signature on the SAML message. A remote attacker can modify SAML content for a SAML service provider without invalidating the cryptographic signature, which may allow attackers to bypass primary authentication for the affected SAML service provider.",
          "fixed_versions": [
            "2.4.0"
          ],
          "identifier": "CVE-2017-11427",
          "identifiers": [
            "CVE-2017-11427"
          ],
          "package_slug": "pypi/python-saml",
          "pubdate": "2019-04-17",
          "solution": "Upgrade to 2.4.0 or above.",
          "title": "Authentication bypass via incorrect DOM traversal and canonicalization",
          "urls": [
            "https://github.com/onelogin/python-saml/commit/fad881b4432febea69d70691dfed51c93f0de10f",
            "https://www.kb.cert.org/vuls/id/475445"
          ],
          "uuid": "41816881-e93f-4def-aa68-446094376380"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:onelogin:pythonsaml:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.3.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@duo.com",
          "ID": "CVE-2017-11427"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.kb.cert.org/vuls/id/475445",
              "refsource": "MISC",
              "tags": [
                "US Government Resource",
                "Third Party Advisory"
              ],
              "url": "https://www.kb.cert.org/vuls/id/475445"
            },
            {
              "name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:22Z",
      "publishedDate": "2019-04-17T14:29Z"
    }
  }
}

GHSA-J8J8-348V-WFM3

Vulnerability from github – Published: 2019-07-05 21:11 – Updated: 2024-10-25 21:17

Summary

Python-saml allows manipulation of SAML data without invalidation of cryptographic signature

Details

Severity ?

7.7 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

8.3 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "python-saml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-11427"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:42:49Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",
  "id": "GHSA-j8j8-348v-wfm3",
  "modified": "2024-10-25T21:17:28Z",
  "published": "2019-07-05T21:11:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11427"
    },
    {
      "type": "WEB",
      "url": "https://github.com/SAML-Toolkits/python-saml/commit/fad881b4432febea69d70691dfed51c93f0de10f"
    },
    {
      "type": "WEB",
      "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/SAML-Toolkits/python-saml"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-j8j8-348v-wfm3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-saml/PYSEC-2019-198.yaml"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/475445"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Python-saml allows manipulation of SAML data without invalidation of cryptographic signature"
}

PYSEC-2019-198

Vulnerability from pysec - Published: 2019-04-17 14:29 - Updated: 2021-08-27 03:22

Details

Impacted products

Name	purl
python-saml	pkg:pypi/python-saml

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "python-saml",
        "purl": "pkg:pypi/python-saml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.0.0",
        "2.0.1",
        "2.0.2",
        "2.1.0",
        "2.1.1",
        "2.1.2",
        "2.1.3",
        "2.1.4",
        "2.1.5",
        "2.1.6",
        "2.1.7",
        "2.1.8",
        "2.1.9",
        "2.2.0",
        "2.2.1",
        "2.2.2",
        "2.2.3",
        "2.3.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2017-11427",
    "GHSA-j8j8-348v-wfm3"
  ],
  "details": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",
  "id": "PYSEC-2019-198",
  "modified": "2021-08-27T03:22:18.581552Z",
  "published": "2019-04-17T14:29:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/475445"
    },
    {
      "type": "ARTICLE",
      "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-j8j8-348v-wfm3"
    }
  ]
}

SUSE-SU-2021:0048-1

Vulnerability from csaf_suse - Published: 2021-01-08 12:37 - Updated: 2021-01-08 12:37

Summary

Security update for python-defusedxml, python-freezegun, python-pkgconfig, python-python3-saml, python-xmlsec

Notes

Title of the patch

Security update for python-defusedxml, python-freezegun, python-pkgconfig, python-python3-saml, python-xmlsec

Description of the patch

This update for python-defusedxml, python-freezegun, python-pkgconfig, python-python3-saml, python-xmlsec fixes the following issues: - Update to 0.6.0 - Increase test coverage. - Add badges to README. - Test on Python 3.7 stable and 3.8-dev - Drop support for Python 3.4 - No longer pass *html* argument to XMLParse. It has been deprecated and ignored for a long time. The DefusedXMLParser still takes a html argument. A deprecation warning is issued when the argument is False and a TypeError when it's True. - defusedxml now fails early when pyexpat stdlib module is not available or broken. - defusedxml.ElementTree.__all__ now lists ParseError as public attribute. - The defusedxml.ElementTree and defusedxml.cElementTree modules had a typo and used XMLParse instead of XMLParser as an alias for DefusedXMLParser. Both the old and fixed name are now available. - Remove superfluous devel dependency for noarch package - Update to 5.0 * Add compatibility with Python 3.6 * Drop support for Python 2.6, 3.1, 3.2, 3.3 * Fix lxml tests (XMLSyntaxError: Detected an entity reference loop) - Implement single-spec version. - Dummy changelog for bsc#1019074, FATE#322329 - Add dependency on the full python (which is not pulled by setuptools anymore). Use %{pythons} macro now. (bsc#1177200) - Upgrade to 0.3.12: * Refactor classes to functions * Ignore Selenium * Move to pytest * Conditionally patch time.clock (removed in 3.8) * Patch time.time_ns added in Python 3.7 - Do not require python2 module for building python3 module - Update to 0.3.11: * Performance improvements * Fix nesting time.time * Add nanosecond property - Remove superfluous devel dependency for noarch package - Add remove_dependency_on_mock.patch which removes dependency on python-mock for Python 3, where it is not required. - update to 0.3.10 * Performance improvements * Coroutine support - update to version 0.3.9 * If no time to be frozen, use current time * Fix uuid1 issues * Add support for python 3.6 update to version 0.3.8 * Improved unpatching when importing modules after freeze_time start() * Add manual increment via tick method * Fix bug with time.localtime not being reset. Closes #112. * Fix test to work when current timezone is GMT-14 or GMT+14. * Fixed #162 - allow decorating old-style classes. * Add support to PyMySQL * Assume the default time to freeze is 'now'. * Register fake types in PyMySQL conversions * Ignore threading and Queue modules. Closes #129. * Lock down coverage version since new coverage doesnt support py3.2 * Fix or py3 astimezone and not passing tz. Closes #138. * Add note about deafult arguments. Closes #140. * Add license info. Closes #120. - Update to 0.3.5 * No upstream changelog - Remove unneeded freeze_hideDeps.patch - Use download Url as source - Use tarball provided by pypi - update to 1.5.1 * Use poetry instead of setuptools directly * Fix #42: raise exception if package is missing * Fix version parsing for openssl-like version numbers, fixes #32 * Add boolean static keyword to output private libraries as well * Raise original OSError as well - Add missing test dependency pkgconfig

Patchnames

SUSE-2021-48,SUSE-Storage-6-2021-48

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for python-defusedxml, python-freezegun, python-pkgconfig, python-python3-saml, python-xmlsec",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for python-defusedxml, python-freezegun, python-pkgconfig, python-python3-saml, python-xmlsec fixes the following issues:\n\n\n- Update to 0.6.0\n  - Increase test coverage.\n  - Add badges to README.\n  - Test on Python 3.7 stable and 3.8-dev\n  - Drop support for Python 3.4\n  - No longer pass *html* argument to XMLParse. It has been deprecated and\n    ignored for a long time. The DefusedXMLParser still takes a html argument.\n    A deprecation warning is issued when the argument is False and a TypeError\n    when it\u0027s True.\n  - defusedxml now fails early when pyexpat stdlib module is not available or\n    broken.\n  - defusedxml.ElementTree.__all__ now lists ParseError as public attribute.\n  - The defusedxml.ElementTree and defusedxml.cElementTree modules had a typo\n    and used XMLParse instead of XMLParser as an alias for DefusedXMLParser.\n    Both the old and fixed name are now available.\n\n- Remove superfluous devel dependency for noarch package\n\n- Update to 5.0\n  * Add compatibility with Python 3.6\n  * Drop support for Python 2.6, 3.1, 3.2, 3.3\n  * Fix lxml tests (XMLSyntaxError: Detected an entity reference loop)\n- Implement single-spec version.\n\n- Dummy changelog for bsc#1019074, FATE#322329\n\n- Add dependency on the full python (which is not pulled by\n  setuptools anymore). Use %{pythons} macro now. (bsc#1177200)\n\n- Upgrade to 0.3.12:\n  * Refactor classes to functions\n  * Ignore Selenium\n  * Move to pytest\n  * Conditionally patch time.clock (removed in 3.8)\n  * Patch time.time_ns added in Python 3.7\n\n- Do not require python2 module for building python3 module\n\n- Update to 0.3.11:\n    * Performance improvements\n    * Fix nesting time.time\n    * Add nanosecond property\n\n- Remove superfluous devel dependency for noarch package\n\n- Add remove_dependency_on_mock.patch which removes dependency on\n  python-mock for Python 3, where it is not required.\n\n- update to 0.3.10 \n * Performance improvements\n * Coroutine support\n\n- update to version 0.3.9\n  * If no time to be frozen, use current time\n  * Fix uuid1 issues\n  * Add support for python 3.6\n\nupdate to version 0.3.8\n  * Improved unpatching when importing modules after freeze_time start()\n  * Add manual increment via tick method\n  * Fix bug with time.localtime not being reset. Closes #112.\n  * Fix test to work when current timezone is GMT-14 or GMT+14.\n  * Fixed #162 - allow decorating old-style classes.\n  * Add support to PyMySQL\n  * Assume the default time to freeze is \u0027now\u0027.\n  * Register fake types in PyMySQL conversions\n  * Ignore threading and Queue modules. Closes #129.\n  * Lock down coverage version since new coverage doesnt support py3.2\n  * Fix or py3 astimezone and not passing tz. Closes #138.\n  * Add note about deafult arguments. Closes #140.\n  * Add license info. Closes #120.\n\n- Update to 0.3.5\n  * No upstream changelog\n- Remove unneeded freeze_hideDeps.patch\n\n- Use download Url as source\n- Use tarball provided by pypi\n\n- update to 1.5.1\n  * Use poetry instead of setuptools directly\n  * Fix #42: raise exception if package is missing\n  * Fix version parsing for openssl-like version numbers, fixes #32\n  * Add boolean static keyword to output private libraries as well\n  * Raise original OSError as well\n\n- Add missing test dependency pkgconfig\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2021-48,SUSE-Storage-6-2021-48",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0048-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2021:0048-1",
        "url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210048-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2021:0048-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008165.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1019074",
        "url": "https://bugzilla.suse.com/1019074"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041090",
        "url": "https://bugzilla.suse.com/1041090"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1177200",
        "url": "https://bugzilla.suse.com/1177200"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11427 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11427/"
      }
    ],
    "title": "Security update for python-defusedxml, python-freezegun, python-pkgconfig, python-python3-saml, python-xmlsec",
    "tracking": {
      "current_release_date": "2021-01-08T12:37:58Z",
      "generator": {
        "date": "2021-01-08T12:37:58Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2021:0048-1",
      "initial_release_date": "2021-01-08T12:37:58Z",
      "revision_history": [
        {
          "date": "2021-01-08T12:37:58Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python2-xmlsec-1.3.6-1.5.1.aarch64",
                "product": {
                  "name": "python2-xmlsec-1.3.6-1.5.1.aarch64",
                  "product_id": "python2-xmlsec-1.3.6-1.5.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python3-xmlsec-1.3.6-1.5.1.aarch64",
                "product": {
                  "name": "python3-xmlsec-1.3.6-1.5.1.aarch64",
                  "product_id": "python3-xmlsec-1.3.6-1.5.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python2-defusedxml-0.6.0-1.5.1.noarch",
                "product": {
                  "name": "python2-defusedxml-0.6.0-1.5.1.noarch",
                  "product_id": "python2-defusedxml-0.6.0-1.5.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python2-freezegun-0.3.12-1.5.1.noarch",
                "product": {
                  "name": "python2-freezegun-0.3.12-1.5.1.noarch",
                  "product_id": "python2-freezegun-0.3.12-1.5.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python2-isodate-0.6.0-1.3.2.noarch",
                "product": {
                  "name": "python2-isodate-0.6.0-1.3.2.noarch",
                  "product_id": "python2-isodate-0.6.0-1.3.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python2-pkgconfig-1.5.1-1.5.1.noarch",
                "product": {
                  "name": "python2-pkgconfig-1.5.1-1.5.1.noarch",
                  "product_id": "python2-pkgconfig-1.5.1-1.5.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python2-python3-saml-1.9.0-1.5.2.noarch",
                "product": {
                  "name": "python2-python3-saml-1.9.0-1.5.2.noarch",
                  "product_id": "python2-python3-saml-1.9.0-1.5.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python3-defusedxml-0.6.0-1.5.1.noarch",
                "product": {
                  "name": "python3-defusedxml-0.6.0-1.5.1.noarch",
                  "product_id": "python3-defusedxml-0.6.0-1.5.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python3-freezegun-0.3.12-1.5.1.noarch",
                "product": {
                  "name": "python3-freezegun-0.3.12-1.5.1.noarch",
                  "product_id": "python3-freezegun-0.3.12-1.5.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python3-isodate-0.6.0-1.3.2.noarch",
                "product": {
                  "name": "python3-isodate-0.6.0-1.3.2.noarch",
                  "product_id": "python3-isodate-0.6.0-1.3.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python3-pkgconfig-1.5.1-1.5.1.noarch",
                "product": {
                  "name": "python3-pkgconfig-1.5.1-1.5.1.noarch",
                  "product_id": "python3-pkgconfig-1.5.1-1.5.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python3-python3-saml-1.9.0-1.5.2.noarch",
                "product": {
                  "name": "python3-python3-saml-1.9.0-1.5.2.noarch",
                  "product_id": "python3-python3-saml-1.9.0-1.5.2.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python2-xmlsec-1.3.6-1.5.1.x86_64",
                "product": {
                  "name": "python2-xmlsec-1.3.6-1.5.1.x86_64",
                  "product_id": "python2-xmlsec-1.3.6-1.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python3-xmlsec-1.3.6-1.5.1.x86_64",
                "product": {
                  "name": "python3-xmlsec-1.3.6-1.5.1.x86_64",
                  "product_id": "python3-xmlsec-1.3.6-1.5.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 6",
                "product": {
                  "name": "SUSE Enterprise Storage 6",
                  "product_id": "SUSE Enterprise Storage 6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-defusedxml-0.6.0-1.5.1.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:python3-defusedxml-0.6.0-1.5.1.noarch"
        },
        "product_reference": "python3-defusedxml-0.6.0-1.5.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-freezegun-0.3.12-1.5.1.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:python3-freezegun-0.3.12-1.5.1.noarch"
        },
        "product_reference": "python3-freezegun-0.3.12-1.5.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-isodate-0.6.0-1.3.2.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:python3-isodate-0.6.0-1.3.2.noarch"
        },
        "product_reference": "python3-isodate-0.6.0-1.3.2.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-pkgconfig-1.5.1-1.5.1.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:python3-pkgconfig-1.5.1-1.5.1.noarch"
        },
        "product_reference": "python3-pkgconfig-1.5.1-1.5.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-python3-saml-1.9.0-1.5.2.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:python3-python3-saml-1.9.0-1.5.2.noarch"
        },
        "product_reference": "python3-python3-saml-1.9.0-1.5.2.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-xmlsec-1.3.6-1.5.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.aarch64"
        },
        "product_reference": "python3-xmlsec-1.3.6-1.5.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-xmlsec-1.3.6-1.5.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.x86_64"
        },
        "product_reference": "python3-xmlsec-1.3.6-1.5.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-11427",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11427"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:python3-defusedxml-0.6.0-1.5.1.noarch",
          "SUSE Enterprise Storage 6:python3-freezegun-0.3.12-1.5.1.noarch",
          "SUSE Enterprise Storage 6:python3-isodate-0.6.0-1.3.2.noarch",
          "SUSE Enterprise Storage 6:python3-pkgconfig-1.5.1-1.5.1.noarch",
          "SUSE Enterprise Storage 6:python3-python3-saml-1.9.0-1.5.2.noarch",
          "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.aarch64",
          "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11427",
          "url": "https://www.suse.com/security/cve/CVE-2017-11427"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180767 for CVE-2017-11427",
          "url": "https://bugzilla.suse.com/1180767"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:python3-defusedxml-0.6.0-1.5.1.noarch",
            "SUSE Enterprise Storage 6:python3-freezegun-0.3.12-1.5.1.noarch",
            "SUSE Enterprise Storage 6:python3-isodate-0.6.0-1.3.2.noarch",
            "SUSE Enterprise Storage 6:python3-pkgconfig-1.5.1-1.5.1.noarch",
            "SUSE Enterprise Storage 6:python3-python3-saml-1.9.0-1.5.2.noarch",
            "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.aarch64",
            "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:python3-defusedxml-0.6.0-1.5.1.noarch",
            "SUSE Enterprise Storage 6:python3-freezegun-0.3.12-1.5.1.noarch",
            "SUSE Enterprise Storage 6:python3-isodate-0.6.0-1.3.2.noarch",
            "SUSE Enterprise Storage 6:python3-pkgconfig-1.5.1-1.5.1.noarch",
            "SUSE Enterprise Storage 6:python3-python3-saml-1.9.0-1.5.2.noarch",
            "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.aarch64",
            "SUSE Enterprise Storage 6:python3-xmlsec-1.3.6-1.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-01-08T12:37:58Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2017-11427"
    }
  ]
}

CNVD-2019-15984

Vulnerability from cnvd - Published: 2019-05-30

Title

OneLogin python-saml身份验证绕过漏洞

Description

OneLogin python-saml是美国OneLogin公司的一款基于Python的、用于单点登录（SSO）服务的SAML（安全断言标记语言）库。 OneLogin python-saml中存在身份验证绕过漏洞。攻击者可利用该漏洞绕过身份验证机制并执行未授权的操作。

Severity

高

Patch Name

OneLogin python-saml身份验证绕过漏洞的补丁

Patch Description

Clever saml2-js是一款使用在Clever产品中的SAML（安全断言标记语言）脚本。 Clever saml2-js 2.0版本和1.0版本中存在身份验证绕过漏洞。攻击者可利用该漏洞绕过身份验证机制并执行未授权的操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/onelogin/python-saml

Reference

https://www.kb.cert.org/vuls/id/475445

Impacted products

Name
['OneLogin OneLogin python-saml 2.3', 'OneLogin OneLogin python-saml 2.2', 'OneLogin OneLogin python-saml 2.1', 'OneLogin OneLogin python-saml 1.1', 'OneLogin OneLogin python-saml 1.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-11427",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11427"
    }
  },
  "description": "OneLogin python-saml\u662f\u7f8e\u56fdOneLogin\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8ePython\u7684\u3001\u7528\u4e8e\u5355\u70b9\u767b\u5f55\uff08SSO\uff09\u670d\u52a1\u7684SAML\uff08\u5b89\u5168\u65ad\u8a00\u6807\u8bb0\u8bed\u8a00\uff09\u5e93\u3002\n\nOneLogin python-saml\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5e76\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\u3002",
  "discovererName": "unknow",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/onelogin/python-saml",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-15984",
  "openTime": "2019-05-30",
  "patchDescription": "Clever saml2-js\u662f\u4e00\u6b3e\u4f7f\u7528\u5728Clever\u4ea7\u54c1\u4e2d\u7684SAML\uff08\u5b89\u5168\u65ad\u8a00\u6807\u8bb0\u8bed\u8a00\uff09\u811a\u672c\u3002\r\n\r\nClever saml2-js 2.0\u7248\u672c\u548c1.0\u7248\u672c\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5e76\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OneLogin python-saml\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "OneLogin OneLogin python-saml 2.3",
      "OneLogin OneLogin python-saml 2.2",
      "OneLogin OneLogin python-saml 2.1",
      "OneLogin OneLogin python-saml 1.1",
      "OneLogin OneLogin python-saml 1.0"
    ]
  },
  "referenceLink": "https://www.kb.cert.org/vuls/id/475445",
  "serverity": "\u9ad8",
  "submitTime": "2019-04-23",
  "title": "OneLogin python-saml\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

FKIE_CVE-2017-11427

Vulnerability from fkie_nvd - Published: 2019-04-17 14:29 - Updated: 2024-11-21 03:07

Severity ?

7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@duo.com	https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations	Exploit, Technical Description, Third Party Advisory
security@duo.com	https://www.kb.cert.org/vuls/id/475445	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/475445	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	onelogin	pythonsaml	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:onelogin:pythonsaml:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3804188A-61A9-4CF7-A57C-D6329D14A3A8",
              "versionEndIncluding": "2.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
    },
    {
      "lang": "es",
      "value": "OneLogin PythonSAML versi\u00f3n 2.3.0 y versiones anteriores pueden utilizar incorrectamente los resultados de las API de automatizaci\u00f3n y canonicalizaci\u00f3n de XML DOM de tal manera que un atacante pueda manipular los datos SAML sin invalidar la firma criptogr\u00e1fica, lo que permite que el ataque omita la identificaci\u00f3n de los proveedores de servicio SAML"
    }
  ],
  "id": "CVE-2017-11427",
  "lastModified": "2024-11-21T03:07:46.187",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "security@duo.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-17T14:29:00.247",
  "references": [
    {
      "source": "security@duo.com",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
    },
    {
      "source": "security@duo.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/475445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/475445"
    }
  ],
  "sourceIdentifier": "security@duo.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "security@duo.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-11427 (GCVE-0-2017-11427)

Tags

Sightings

Nomenclature