admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'DWF-CVE-2017-1000433' of https://github.com/distributedweaknessfiling/cvelist

Browse Source
This commit is contained in:
CVE Team 2018-01-02 16:36:09 -05:00
commit e0290cf5cf
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
2017/1000xxx/CVE-2017-1000433.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/rohe/pysaml2/issues/451"}]},"description": {"description_data": [{"lang": "eng","value": "pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "4.4.0 and older"}]},"product_name": "pysaml2"}]},"vendor_name": "pysaml2"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2017-12-29","ID": "CVE-2017-1000433","ASSIGNER": "kurt@seifried.org","REQUESTER": "predrag.gruevski@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Incorrect Access Control"}]}]}}