CVE-2016-10149

XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:pysaml2_project:pysaml2:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2017-03-24 07:59

Updated : 2018-01-04 18:30


NVD link : CVE-2016-10149

Mitre link : CVE-2016-10149


JSON object : View

CWE
CWE-611

Improper Restriction of XML External Entity Reference

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

pysaml2_project

  • pysaml2