Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Clever Subscribe
Filtered by product Saml2-js
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11429 1 Clever 1 Saml2-js 2019-10-09 7.5 HIGH 9.8 CRITICAL
Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.